📦 Vvveb

This vulnerability in Vvveb CMS v1.0.6 allows remote attackers to execute arbitrary code through the plugin mechanism. Attackers can upload malicious plugins that execute code on the server, potential...

This CVE describes a path traversal vulnerability in givanz Vvveb CMS up to version 1.0.7.3. Attackers can manipulate file paths through the Code Editor component to access arbitrary files on the serv...

This SQL injection vulnerability in Vvveb CMS allows attackers to execute arbitrary SQL commands through the Raw SQL Handler import function. It affects all Vvveb installations up to version 1.0.7.3 w...

This is a Cross-Site Request Forgery (CSRF) vulnerability in givanz Vvveb CMS versions up to 1.0.7.2. Attackers can trick authenticated users into performing unintended actions on the CMS without thei...

This CVE-2025-11028 vulnerability in givanz Vvveb's Image Handler component allows remote attackers to perform manipulation that results in information disclosure. The flaw affects Vvveb versions up t...

This is a reflected cross-site scripting (XSS) vulnerability in Vvveb CMS version 1.0.7.2 that allows attackers to inject malicious scripts via the login form's Email/Password parameters. The vulnerab...

CVE-2025-9397 is an unrestricted file upload vulnerability in givanz Vvveb CMS that allows remote attackers to upload arbitrary files to the server. This affects all installations of Vvveb up to versi...

This critical Server-Side Request Forgery (SSRF) vulnerability in Vvveb's Drag-and-Drop Editor allows attackers to make unauthorized requests from the vulnerable server to internal or external systems...

This CVE describes a session fixation vulnerability in givanz Vvveb CMS version 1.0.6.1 that allows attackers to hijack user sessions by fixing session IDs before authentication. The vulnerability aff...