8 matches found
Concrete CMS 9.4.3 - Stored XSS
Exploit Title: Concrete CMS 9.4.3 - Stored XSS Date: 2/09/2025 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.concretecms.org/ Software Link: https://www.concretecms.org/downloadfile/8e11ad24-cc1e-4880-8553-7c18ede22c50/2658 Version: 9.4.3 CVE : CVE-2025-8573 Tested on: Windows XP ''...
๐ Concrete CMS 9.4.3 Cross Site Scripting
Concrete CMS version 9.4.3 suffers from a persistent cross site scripting vulnerability. Exploit Title: Concrete CMS version 9.4.3 - Stored XSS Date: 2/09/2025 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.concretecms.org/ Software Link:...
Concrete CMS Cross-site Scripting vulnerability
Multiple Cross Site Scripting XSS vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics...
CVE-2023-44760
Multiple Cross Site Scripting XSS vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics. NOTE: the vendor disputes this because these header/footer changes can only be made by an...
CVE-2023-44760
Multiple Cross Site Scripting XSS vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics. NOTE: the vendor disputes this because these header/footer changes can only be made by an...
Cross site scripting
Multiple Cross Site Scripting XSS vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics. NOTE: the vendor disputes this because these header/footer changes can only be made by an...
CVE-2023-44760
Multiple Cross Site Scripting XSS vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics. NOTE: the vendor disputes this because these header/footer changes can only be made by an...
PT-2023-29284 ยท Unknown ยท Concrete Cms
Name of the Vulnerable Software and Affected Versions: Concrete CMS version 9.2.1 Description: The issue concerns multiple Cross Site Scripting XSS vulnerabilities that allow an attacker to execute arbitrary code via a crafted script. This can be done by exploiting the Header and Footer Tracking...