Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
piranha vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2021-25976
In PiranhaCMS, versions 4.0.0-alpha1 to 9.2.0 are vulnerable to cross-site request forgery (CSRF) when performing various actions supported by the management system, such as deleting a user, deleting a role, editing a post, deleting a media folder etc., when an ID is known.
Dotnetfoundation Piranha Cms 4.0.0
Dotnetfoundation Piranha Cms
5.4
CVSSv3
CVE-2021-25977
In PiranhaCMS, versions 7.0.0 to 9.1.1 are vulnerable to stored XSS due to the page title improperly sanitized. By creating a page with a specially crafted page title, a low privileged user can trigger arbitrary JavaScript execution.
Dotnetfoundation Piranha Cms
NA
CVE-2000-0248
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote malicious users to execute arbitrary commands.
Redhat Linux 6.2
2 EDB exploits
NA
CVE-2000-0322
The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters.
Redhat Linux 6.2
1 EDB exploit
NA
CVE-2011-4710
Multiple SQL injection vulnerabilities in Pixie CMS 1.01 up to and including 1.04 allow remote malicious users to execute arbitrary SQL commands via the (1) pixie_user parameter and (2) Referer HTTP header in a request to the default URI.
Lucidcrew Pixie 1.04
Lucidcrew Pixie 1.03
Getpixie Pixie 1.01a
Getpixie Pixie 1.01
Lucidcrew Pixie 1.02
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started