An issue was discovered in WeaselCMS v0.3.5. CSRF can create new pages via an index.php?b=pages&a=new...
8.8CVSS
8.7AI Score
0.001EPSS
An issue was discovered in WeaselCMS v0.3.5. XSS exists via Site Language, Site Title, Site Description, and Site Keywords on the SETTINGS...
5.4CVSS
5.2AI Score
0.001EPSS
An issue was discovered in WeaselCMS v0.3.5. CSRF can update the website settings (such as the theme, title, and description) via...
8.8CVSS
8.7AI Score
0.001EPSS
Multiple XSS vulnerabilities in WeaselCMS v0.3.6 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php because $_SERVER['PHP_SELF'] is...
6.1CVSS
6AI Score
0.001EPSS
There is a PHP code upload vulnerability in WeaselCMS 0.3.6 via index.php because code can be embedded at the end of a .png file when the image/png content type is...
9.8CVSS
9.5AI Score
0.006EPSS