Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Sitemagic Security Vulnerabilities

cve
cve

CVE-2019-18219

Sitemagic CMS 4.4.1 is affected by a Cross-Site-Scripting (XSS) vulnerability, as it fails to validate user input. The affected components (index.php, upgrade.php) allow for JavaScript injection within both GET or POST requests, via a crafted URL or via the UpgradeMode POST...

6.1CVSS

7.3AI Score

0.001EPSS

2019-10-23 02:15 PM
24
cve
cve

CVE-2019-18220

Sitemagic CMS 4.4.1 is affected by a Cross-Site-Request-Forgery (CSRF) issue as it doesn't implement any method to validate incoming requests, allowing the execution of critical functionalities via spoofed requests. This behavior could be abused by a remote unauthenticated attacker to trick...

8.8CVSS

7.8AI Score

0.003EPSS

2019-10-23 02:15 PM
21
cve
cve

CVE-2019-10238

Sitemagic CMS v4.4 has XSS in SMFiles/FrmUpload.class.php via the filename...

6.1CVSS

6.5AI Score

0.001EPSS

2019-03-27 06:29 PM
24