indexhibit CVE 脆弱性と CVE 一覧(8)

製品(CPE): — CVE 件数: 8

indexhibit 脆弱性概要

indexhibit 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

一般的な弱点パターンには vendor risk cross-site scripting、vendor risk csrf、パス処理の欠陥, and vendor risk input validation があり、vendor surface production workloads の利用場面で vendor impact session compromise、vendor impact unexpected behavior, and ファイル上書き などのリスクが生じる可能性があります。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移(直近24か月)

表示中 18 / 8 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2020-18127 An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily view files. [email protected] 6.5 1.17% 2021-08-30 2026-06-16
CVE-2020-18126 Multiple stored cross-site scripting (XSS) vulnerabilities in the Sections module of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML. [email protected] 5.4 0.49% 2021-08-30 2026-06-16
CVE-2020-18125 A reflected cross-site scripting (XSS) vulnerability in the /plugin/ajax.php component of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML. [email protected] 6.1 0.56% 2021-08-30 2026-06-16
CVE-2020-18124 A cross-site request forgery (CSRF) vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily reset account passwords. [email protected] 5.7 0.36% 2021-08-30 2026-06-16
CVE-2020-18123 A cross-site request forgery (CSRF) vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily delete admin accounts. [email protected] 6.5 0.41% 2021-08-30 2026-06-16
CVE-2020-18121 A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leading to getshell. [email protected] 8.8 0.97% 2021-08-30 2026-06-16
CVE-2019-16314 Indexhibit 2.1.5 allows a product reinstallation, with resultant remote code execution, via /ndxzstudio/install.php?p=2. [email protected] 9.8 38.73% 2019-09-14 2026-06-16
CVE-2019-8954 In Indexhibit 2.1.5, remote attackers can execute arbitrary code via the v parameter (in conjunction with the id parameter) in a upd_jxcode=true action to the ndxzstudio/?a=system URI. [email protected] 8.8 2.70% 2019-02-20 2026-06-16
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence