Lucene search
K

5 matches found

CVE
CVE
added 2026/06/17 8:33 p.m.16 views

CVE-2026-48821

Shaarli versions ≤ 0.16.1 are affected by a DOM-based XSS in the Thumbnail Synchronizer. The ThumbnailsController::ajaxUpdate backend returns unescaped bookmark titles in JSON via an AJAX response, which are injected into the DOM by thumbnails-update.js using innerHTML. This requires an administr...

5.8CVSS5.3AI score0.0013EPSS
Exploits0References2
OSV
OSV
added 2018/10/02 6:29 p.m.26 views

CVE-2018-17595

In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI...

6.1CVSS6.3AI score0.01009EPSS
Exploits2References1
NVD
NVD
added 2018/10/02 6:29 p.m.34 views

CVE-2018-17595

In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI...

6.1CVSS6.4AI score0.01009EPSS
Exploits2References1
Cvelist
Cvelist
added 2018/10/02 6:0 p.m.36 views

CVE-2018-17595

In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI...

6.4AI score0.01009EPSS
Exploits2References1
Packet Storm
Packet Storm
added 2018/09/29 12:0 a.m.47 views

Fork CMS 5.4.0 Cross Site Scripting / HTML Injection

Exploit Title: Fork CMS 5.4.0 - HTML Injection and Stored XSS Date: 2018-09-26 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.fork-cms.com/ Software Link : https://github.com/forkcms/forkcms Software : Fork 5.4.0 Product Version: 5.4.0 Vulernability Type : Code Injection Vulenrabili...

0.01009EPSS
Exploits2
Rows per page
Query Builder