29 matches found
CVE-2021-27679
CVE-2021-27679 is an XSS vulnerability in Batflat CMS 1.3.6, specifically in the Navigation functionality. The issue allows remote attackers to inject arbitrary web script or HTML via the field name, enabling script execution in contexts where the affected page is viewed by other users. The conne...
CVE-2021-27678
CVE-2021-27678 affects Batflat CMS 1.3.6 (Snippets) with a Cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via the field name. Exploitation details, affected versions beyond 1.3.6, and remediation steps are not provided in the supplied ...
CVE-2021-27678
Cross-site scripting XSS vulnerability in Snippets in Batflat CMS 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the field name...
CVE-2021-27677
CVE-2021-27677 is an XSS vulnerability in the Batflat CMS 1.3.6 Galleries component. The issue allows remote attackers to inject arbitrary web script or HTML via the field name, indicating improper input handling in the Galleries module. Affected software is Batflat CMS (Galleries) v1.3.6; root c...
CVE-2021-27677
Cross-site scripting XSS vulnerability in Galleries in Batflat CMS 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the field name...
Batflat CMS 跨站脚本漏洞
Batflat is a simple, lightweight content management system CMS. A cross-site scripting vulnerability exists in Galleries in Batflat 1.3.6. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via field names...
Batflat CMS 1.3.6 Cross Site Scripting
Exploit Title: Batflat CMS 1.3.6 - 'multiple' Stored XSS Date: 22/02/2021 Exploit Author: Tadjmen Vendor Homepage: https://batflat.org/ Software Link: https://github.com/sruupl/batflat/archive/master.zip Version: 1.3.6 Tested on: Xammpp on Windows, Firefox Newest CVE : N/A Multiple Stored XSS...
Batflat CMS 1.3.6 - multiple Stored XSS Vulnerabilities
Exploit Title: Batflat CMS 1.3.6 - 'multiple' Stored XSS Exploit Author: Tadjmen Vendor Homepage: https://batflat.org/ Software Link: https://github.com/sruupl/batflat/archive/master.zip Version: 1.3.6 Tested on: Xammpp on Windows, Firefox Newest CVE : N/A Multiple Stored XSS Cross-Site Scripting...
Batflat CMS 1.3.6 - 'multiple' Stored XSS
Exploit Title: Batflat CMS 1.3.6 - 'multiple' Stored XSS Date: 22/02/2021 Exploit Author: Tadjmen Vendor Homepage: https://batflat.org/ Software Link: https://github.com/sruupl/batflat/archive/master.zip Version: 1.3.6 Tested on: Xammpp on Windows, Firefox Newest CVE : N/A Multiple Stored XSS...