7 matches found
CVE-2017-20064
A vulnerability was found in Elefant CMS 1.3.12-RC. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /designer/add/layout. The manipulation leads to code injection. The attack can be launched remotely. Upgrading to version 1.3.13 is able to...
CVE-2017-20063
A vulnerability was found in Elefant CMS 1.3.12-RC. It has been classified as critical. Affected is an unknown function of the file /filemanager/upload/drop of the component File Upload. The manipulation leads to improper privilege management. It is possible to launch the attack remotely. Upgradi...
CVE-2017-20061
A vulnerability has been found in Elefant CMS 1.3.12-RC and classified as problematic. This vulnerability affects unknown code of the file /admin/extended. The manipulation of the argument name with the input %3Cimg%20src=no%20onerror=alert1%3E leads to basic cross site scripting Reflected. The...
Elefant CMS 代码注入漏洞
Elefant CMS is a simple PHP content management system and web framework by Canadian John de Plume, an individual developer. A security vulnerability exists in Elefant CMS version 1.3.12-RC, which can be exploited by remote attackers to perform code injection attacks...
Elefant CMS 跨站脚本漏洞
Elefant CMS is a simple PHP content management system and web framework by Canadian John de Plume, an individual developer. A security vulnerability exists in Elefant CMS version 1.3.12-RC, which can be exploited by attackers to perform cross-site scripting attacks...
Code execution vulnerability in Elefant CMS 2.0.8 backend
Elefant CMS is a PHP-based content management system CMS. The system includes features such as an events calendar, contact form, social media integration and member login. A code execution vulnerability exists in the Elefant CMS 2.0.8 backend at Add Language List, which stems from a failure to...
Elefant CMS Code Execution Vulnerability
Elefant CMS is a PHP-based content management system CMS. The system includes features such as an events calendar, contact form, social media integration and member login. A security vulnerability exists in the apps/filemanager/upload/drop.php file in Elefant CMS versions prior to 2.0.7. An...