Known Vulnerabilities for products from Nukeviet
Listed below are 11 of the newest known vulnerabilities associated with the vendor "Nukeviet".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-41147 json | Not Provided | 2026-05-22 | 2026-05-26 | |
| CVE-2025-8772 json | A vulnerability, which was classified as problematic, has been found in Vinades NukeViet up to 4.5.06. This issue affects som... | Not Provided | 2025-08-09 | 2026-04-29 |
| CVE-2022-30874 json | There is a Cross Site Scripting Stored (XSS) vulnerability in NukeViet CMS before 4.5.02. | 5.4 - MEDIUM | 2022-06-21 | 2022-09-13 |
| CVE-2022-3975 json | A vulnerability, which was classified as problematic, has been found in NukeViet CMS. Affected by this issue is the function ... | 6.1 - MEDIUM | 2022-11-13 | 2023-11-07 |
| CVE-2020-22765 json | Cross Site Scripting (XSS) vulnerability in NukeViet cms 4.4.0 via the editor in the News module. | 6.1 - MEDIUM | 2021-07-30 | 2021-08-03 |
| CVE-2020-21809 json | SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4.3 via the (1) listid parameter in detail.php and the (2... | 9.8 - CRITICAL | 2021-07-30 | 2021-08-03 |
| CVE-2020-21808 json | SQL Injection vulnerability in NukeViet CMS 4.0.10 - 4.3.07 via:the topicsid parameter in modules/news/admin/addtotopics.php. | 9.8 - CRITICAL | 2021-07-30 | 2021-08-03 |
| CVE-2020-13157 json | modules\users\admin\edit.php in NukeViet 4.4 allows CSRF to change a user's password via an admin/index.php?nv=users&op=edit&... | 6.5 - MEDIUM | 2020-06-23 | 2020-06-29 |
| CVE-2020-13156 json | modules\users\admin\add_user.php in NukeViet 4.4 allows CSRF to add a user account via the admin/index.php?nv=users&op=user_a... | 6.5 - MEDIUM | 2020-06-23 | 2020-06-29 |
| CVE-2020-13155 json | clearsystem.php in NukeViet 4.4 allows CSRF with resultant HTML injection via the deltype parameter to the admin/index.php?nv... | 8.8 - HIGH | 2020-06-23 | 2020-06-29 |
| CVE-2019-7726 json | modules/banners/funcs/click.php in NukeViet before 4.3.04 has a SQL INSERT statement with raw header data from an HTTP reques... | 9.8 - CRITICAL | 2020-12-31 | 2021-01-05 |
| CVE-2019-7725 json | includes/core/is_user.php in NukeViet before 4.3.04 deserializes the untrusted nvloginhash cookie (i.e., the code relies on P... | 9.8 - CRITICAL | 2020-12-31 | 2021-01-05 |
Known software with vulnerabilities from Nukeviet
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Nukeviet | Nukeviet | 3.0.05 |