55 matches found
CMS Made Simple 跨站脚本漏洞
CMS Made Simple CMSMS is an open source content management system that provides developers, programmers, and website owners with a web-based version of the development and management interface. A stored cross-site scripting vulnerability exists in CMS Made Simple version 2.2.14, which can be...
Chadha PHPKB Cross-Site Scripting Vulnerability (CNVD-2020-17209)
Chadha PHPKB is a knowledge base software that keeps information organized, accessible and manageable for internal teams and external clients. A reflected cross-site scripting vulnerability exists in admin/add-article.php in Chadha PHPKB Standard Multilingual Version 9. The vulnerability stems fr...
CVE-2020-10391
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/add-article.php by adding a question mark ? followed by the payload...
CVE-2019-17630
CMS Made Simple CMSMS 2.2.11 allows stored XSS by an admin via a crafted image filename on the "News Add Article" screen...
Design/Logic Flaw
CMS Made Simple CMSMS 2.2.11 allows stored XSS by an admin via a crafted image filename on the "News Add Article" screen...
CVE-2019-17630
CMS Made Simple CMSMS 2.2.11 allows stored XSS by an admin via a crafted image filename on the "News Add Article" screen...
CVE-2019-11226
CMS Made Simple 2.2.10 has XSS via the m1name parameter in "Add Article" under Content - Content Manager - News...
CVE-2019-11226
CMS Made Simple 2.2.10 has XSS via the m1name parameter in "Add Article" under Content - Content Manager - News...
CVE-2019-11226
CVE-2019-11226 : CMS Made Simple 2.2.10 contains a cross-site scripting (XSS) vulnerability reachable via the m1_name parameter in the Add Article workflow under Content → Content Manager → News. Several sources describe this as an XSS issue (some references note authenticated, persistent XSS beh...
CMS Made Simple <= 2.2.12 Multiple Reflected XSS Vulnerabilities
CMS Made Simple is prone to multiple reflected cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Cross site scripting
XSS exists in CMS Made Simple version 2.2.7 via the m1newsurl parameter in an admin/moduleinterface.php "Content--News--Add Article" action...
CVE-2018-18271
XSS exists in CMS Made Simple version 2.2.7 via the m1extra parameter in an admin/moduleinterface.php "Content--News--Add Article" action...
CVE-2018-12339
ArticleCMS through 2017-02-19 has XSS via an "add an article" action...
CVE-2018-12339
ArticleCMS through 2017-02-19 has XSS via an "add an article" action...
CMS Made Simple Cross-Site Scripting Vulnerability (CNVD-2017-04704)
CMS Made Simple CMSMS is an open source content management system CMS developed by the CMSMS team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A cross-site scripting vulnerability exists in the...
CMS Made Simple Cross-Site Scripting Vulnerability (CNVD-2017-04711)
CMS Made Simple CMSMS is an open source content management system CMS developed by the CMSMS team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A cross-site scripting vulnerability exists in the...
CMS Made Simple Cross-Site Scripting Vulnerability (CNVD-2017-04705)
CMS Made Simple CMSMS is an open source content management system CMS developed by the CMSMS team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A cross-site scripting vulnerability exists in the...
CVE-2017-7255
XSS exists in the CMS Made Simple CMSMS 2.1.6 "Content--News--Add Article" feature via the m1title parameter. Someone must login to conduct the attack...
CVE-2017-7256
XSS exists in the CMS Made Simple CMSMS 2.1.6 "Content--News--Add Article" feature via the m1summary parameter. Someone must login to conduct the attack...
CVE-2017-7257
XSS exists in the CMS Made Simple CMSMS 2.1.6 "Content--News--Add Article" feature via the m1content parameter. Someone must login to conduct the attack...