4 matches found
CVE-2020-37237
Composr CMS 10.0.34 contains a persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the banner management interface. Attackers with admin credentials can inject XSS payloads in the Description field of the Add banner...
CVE-2020-37237
Composr CMS 10.0.34 contains a persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the banner management interface. Attackers with admin credentials can inject XSS payloads in the Description field of the Add banner...
Composr CMS 代码问题漏洞
Ocproducts Composr CMS is an open source content management system CMS written in the PHP language by ocProducts Ocproducts UK. A security vulnerability exists in Composr-CMS version 10.0.39 and earlier versions that could be exploited by an authenticated, remote attacker to upload a PHP shell to...
CVE-2021-38709
In ocProducts Composr CMS before 10.0.38, an attacker can inject JavaScript via the staffmessaging messaging system for XSS...