Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (49 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1787 1 Postnuke Software Foundation 1 Postcalendar 2025-04-03 N/A
SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL commands via search queries.
CVE-2006-4968 1 Postnuke Software Foundation 1 Pnphpbb 2025-04-03 N/A
PHP remote file inclusion vulnerability in includes/functions_admin.php in PNphpBB 1.2g allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2005-1778 1 Postnuke Software Foundation 1 Postnuke 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to inject arbitrary web script or HTML via the start parameter.
CVE-2005-1700 1 Postnuke Software Foundation 1 Postnuke 2025-04-03 N/A
SQL injection vulnerability in pnadmin.php in the Xanthia module in PostNuke 0.760-RC3 allows remote administrators to execute arbitrary SQL commands via the riga[0] parameter.
CVE-2002-0739 1 Postnuke Software Foundation 1 Postcalendar 2025-04-03 N/A
Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page.
CVE-2005-2690 1 Postnuke Software Foundation 1 Postnuke 2025-04-03 N/A
SQL injection vulnerability in the Downloads module in PostNuke 0.760-RC4b allows PostNuke administrators to execute arbitrary SQL commands via the show parameter to dl-viewdownload.php.
CVE-2003-1537 1 Postnuke Software Foundation 1 Postnuke 2025-04-03 N/A
Directory traversal vulnerability in PostNuke 0.723 and earlier allows remote attackers to include arbitrary files named theme.php via the theme parameter to index.php.
CVE-2004-1957 1 Postnuke Software Foundation 1 Postnuke 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.726 allows remote attackers to inject arbitrary web script or HTML via the (1) lid and query parameters to the Downloads module, (2) query parameter to the Web_links module, or (3) hlpfile parameter to openwindow.php.
CVE-2005-1050 1 Postnuke Software Foundation 1 Postnuke 2025-04-03 N/A
The modload op in the Reviews module for PostNuke 0.760-RC3 allows remote attackers to obtain sensitive information via an invalid id parameter, which reveals the path in a PHP error message.