161 matches found
CVE-2024-43639
creationtimestamp| type| source ---|---|--- 2024-11-12 18:26:35+00:00| seen| https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review 2024-11-12 19:55:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113471740875187261 2024-11-13 09:23:51+00:00| seen|...
CVE-2024-46996
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Blog posts feature. Version 5.1.2 fixes this issue...
CVE-2024-46994
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue...
Cross-site Scripting (XSS)
Overview baserproject/basercms is a Content management system based on CakePHP. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the blog posts and contents list feature. An attacker can manipulate web page content or redirect users to malicious websites. Details...
CVE-2024-46996 baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts Feature
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Blog posts feature. Version 5.1.2 fixes this issue...
CVE-2024-46996
baserCMS (CMS framework) has a Cross-site Scripting (XSS) vulnerability in the Blog posts feature affecting versions prior to 5.1.2. The issue is addressed by upgrading to a fixed release (5.1.2 or newer; some sources list 5.1.3 as the update path). Multiple connected advisories confirm the affec...
CVE-2024-46994 baserCMS has Cross-site Scripting Vulnerability in Blog posts and Contents list Feature
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue...
CVE-2024-46994
CVE-2024-46994 concerns baserCMS. A cross-site scripting (XSS) vulnerability exists in the Blog posts and Contents list feature for versions prior to 5.1.2; version 5.1.2 contains the fix. Publicly documented analyses and advisories (including JVN and RH) corroborate the issue and list remediatio...
CVE-2024-46994 baserCMS has Cross-site Scripting Vulnerability in Blog posts and Contents list Feature
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue...
CVE-2024-46994 baserCMS has Cross-site Scripting Vulnerability in Blog posts and Contents list Feature
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue...
baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts Feature
XSS vulnerability in Blog posts feature to baserCMS. Target baserCMS 5.1.1 and earlier versions Vulnerability Malicious code may be executed in Blog posts feature. Countermeasures Update to the latest version of baserCMS Please refer to the following page to reference for more information...
GHSA-66JV-QRM3-VVFG baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts Feature
XSS vulnerability in Blog posts feature to baserCMS. Target baserCMS 5.1.1 and earlier versions Vulnerability Malicious code may be executed in Blog posts feature. Countermeasures Update to the latest version of baserCMS Please refer to the following page to reference for more information...
baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts and Contents list Feature
XSS vulnerability in Blog posts and Contents list Feature to baserCMS. Target baserCMS 5.1.1 and earlier versions Vulnerability Malicious code may be executed in Blog posts and Contents list feature. Countermeasures Update to the latest version of baserCMS Please refer to the following page to...
GHSA-WRJC-FMFQ-W3JR baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts and Contents list Feature
XSS vulnerability in Blog posts and Contents list Feature to baserCMS. Target baserCMS 5.1.1 and earlier versions Vulnerability Malicious code may be executed in Blog posts and Contents list feature. Countermeasures Update to the latest version of baserCMS Please refer to the following page to...
PT-2024-32328 · Basercms · Basercms
Name of the Vulnerable Software and Affected Versions: baserCMS versions prior to 5.1.2 Description: The issue is a cross-site scripting vulnerability in the Blog posts feature of baserCMS, a website development framework. This vulnerability allows malicious code to be executed in the Blog posts...
CVE-2024-43461
creationtimestamp| type| source ---|---|--- 2024-09-10 17:25:32+00:00| seen| https://www.thezdi.com/blog/2024/9/10/the-september-2024-security-update-review 2024-09-10 20:06:31+00:00| seen| https://t.me/cvedetector/5292 2024-09-11 04:00:00+00:00| seen|...
CVE-2023-36756
creationtimestamp| type| source ---|---|--- 2024-09-05 15:39:37+00:00| seen| https://www.thezdi.com/blog/2024/9/4/exploiting-exchange-powershell-after-proxynotshell-part-1-multivaluedproperty 2024-09-12 15:00:00+00:00| seen|...
CVE-2024-5614
CVE-2024-5614 affects Piotnet Addons For Elementor for WordPress up to version 2.4.29. The vulnerability allows unauthenticated attackers to perform Sensitive Information Exposure via the pafe_posts_list function, exposing titles and excerpts of future, draft, and pending posts. CVSS 3.1/3.1 base...
WordPress plugin Blog, Posts and Category Filter for Elementor security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
CVE-2024-5615
The Open Graph plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.2 via the 'opengraphdefaultdescription' function. This makes it possible for unauthenticated attackers to extract sensitive data including partial content of...