Lucene search
K

7 matches found

OSV
OSV
added 2022/06/20 5:15 a.m.2 views

CVE-2017-20064

A vulnerability was found in Elefant CMS 1.3.12-RC. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /designer/add/layout. The manipulation leads to code injection. The attack can be launched remotely. Upgrading to version 1.3.13 is able to...

8.8CVSS5.5AI score
Exploits0References2
OSV
OSV
added 2022/06/20 5:15 a.m.3 views

CVE-2017-20063

A vulnerability was found in Elefant CMS 1.3.12-RC. It has been classified as critical. Affected is an unknown function of the file /filemanager/upload/drop of the component File Upload. The manipulation leads to improper privilege management. It is possible to launch the attack remotely. Upgradi...

8.8CVSS5.3AI score0.00822EPSS
Exploits1References2
OSV
OSV
added 2022/06/20 5:15 a.m.4 views

CVE-2017-20061

A vulnerability has been found in Elefant CMS 1.3.12-RC and classified as problematic. This vulnerability affects unknown code of the file /admin/extended. The manipulation of the argument name with the input %3Cimg%20src=no%20onerror=alert1%3E leads to basic cross site scripting Reflected. The...

5.4CVSS4.4AI score0.00434EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/06/20 12:0 a.m.12 views

Elefant CMS 代码注入漏洞

Elefant CMS is a simple PHP content management system and web framework by Canadian John de Plume, an individual developer. A security vulnerability exists in Elefant CMS version 1.3.12-RC, which can be exploited by remote attackers to perform code injection attacks...

8.8CVSS5.9AI score0.01044EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/06/20 12:0 a.m.4 views

Elefant CMS 跨站脚本漏洞

Elefant CMS is a simple PHP content management system and web framework by Canadian John de Plume, an individual developer. A security vulnerability exists in Elefant CMS version 1.3.12-RC, which can be exploited by attackers to perform cross-site scripting attacks...

6.1CVSS5.2AI score0.00553EPSS
Exploits0References3
CNVD
CNVD
added 2018/12/18 12:0 a.m.3 views

Code execution vulnerability in Elefant CMS 2.0.8 backend

Elefant CMS is a PHP-based content management system CMS. The system includes features such as an events calendar, contact form, social media integration and member login. A code execution vulnerability exists in the Elefant CMS 2.0.8 backend at Add Language List, which stems from a failure to...

7.8AI score
Exploits0
CNVD
CNVD
added 2018/09/21 12:0 a.m.3 views

Elefant CMS Code Execution Vulnerability

Elefant CMS is a PHP-based content management system CMS. The system includes features such as an events calendar, contact form, social media integration and member login. A security vulnerability exists in the apps/filemanager/upload/drop.php file in Elefant CMS versions prior to 2.0.7. An...

9.8CVSS9.5AI score0.03565EPSS
Exploits1References1
Rows per page
Query Builder