A stored cross-site scripting (XSS) vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted...
5.4CVSS
5.2AI Score
0.0004EPSS
Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of...
8CVSS
7.9AI Score
0.001EPSS
GreenCMS v2.3.0603 was discovered to contain an arbitrary file deletion vulnerability via...
8.1CVSS
8.1AI Score
0.001EPSS
An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to delete a log file via the index.php?m=admin&c=data&a=clear...
6.5CVSS
6.4AI Score
0.001EPSS
GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete...
4.9CVSS
4.9AI Score
0.001EPSS
GreenCMS 2.3.0603 has an arbitrary file download vulnerability via an index.php?m=admin&c=media&a=downfile...
7.5CVSS
7.6AI Score
0.005EPSS
GreenCMS 2.3.0603 allows remote attackers to obtain sensitive information via a direct request for...
7.5CVSS
7.2AI Score
0.11EPSS
An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to...
8.8CVSS
8.9AI Score
0.002EPSS
An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that can add an admin account via...
8.8CVSS
8.6AI Score
0.002EPSS