314 matches found
GHSA-XF2G-C66G-5F5R GeniXCMS Cross-site Scripting (XSS) vulnerability via id parameter
In GeniXCMS 1.1.4, /inc/lib/backend/menus.control.php has XSS via the id parameter...
GHSA-3C7G-P9JX-8CGM GeniXCMS Cross-site Scripting (XSS) via the Menu ID field
In GeniXCMS 1.1.4, gxadmin/index.php has XSS via the Menu ID field in a page=menus request...
MetalGenix GeniXCMS vulnerable to SQL Injection
Multiple SQL injection vulnerabilities in inc/lib/User.class.php in MetalGenix GeniXCMS before 0.0.3-patch allow remote attackers to execute arbitrary SQL commands via the 1 email parameter or 2 userid parameter to register.php...
GHSA-Q4HW-62MX-Q37W MetalGenix GeniXCMS vulnerable to SQL Injection
Multiple SQL injection vulnerabilities in inc/lib/User.class.php in MetalGenix GeniXCMS before 0.0.3-patch allow remote attackers to execute arbitrary SQL commands via the 1 email parameter or 2 userid parameter to register.php...
GeniXCMS XSS Vulnerability
GeniXCMS 1.1.5 has XSS via the from, id, lang, menuid, mod, q, status, term, to, or token parameter. NOTE: this might overlap CVE-2017-14761, CVE-2017-14762, or CVE-2017-14765...
GHSA-PWR7-J6G3-HMX6 GeniXCMS XSS Vulnerability
GeniXCMS 1.1.5 has XSS via the from, id, lang, menuid, mod, q, status, term, to, or token parameter. NOTE: this might overlap CVE-2017-14761, CVE-2017-14762, or CVE-2017-14765...
GeniXCMS Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in GeniXCMS 1.1.0 allows remote authenticated users to inject arbitrary web script or HTML via the Menu ID when adding a menu...
GHSA-478J-MCRR-3877 GeniXCMS Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in GeniXCMS 1.1.0 allows remote authenticated users to inject arbitrary web script or HTML via the Menu ID when adding a menu...
GHSA-2PPW-6XVG-RWGW GeniXCMS SQL injection vulnerability
SQL injection vulnerability in inc/lib/Control/Backend/posts.control.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter to gxadmin/index.php...
GeniXCMS SQL injection vulnerability
SQL injection vulnerability in inc/lib/Control/Backend/posts.control.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter to gxadmin/index.php...
GHSA-559C-W54X-8342 GeniXCMS Mailbox validation logic vulnerability
GeniXCMS 1.0.2 allows remote attackers to bypass the alertDanger MSGUSEREMAILEXIST protection mechanism via a register.php?act=edit&id=1 request...
GeniXCMS Mailbox validation logic vulnerability
GeniXCMS 1.0.2 allows remote attackers to bypass the alertDanger MSGUSEREMAILEXIST protection mechanism via a register.php?act=edit&id=1 request...
GeniXCMS arbitrary PHP code execution
In the Install Themes page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a theme...
GHSA-2F6R-892P-69G5 GeniXCMS arbitrary PHP code execution
In the Install Themes page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a theme...
GHSA-5MWX-F6W6-7W5R Cross-site Scripting in GeniXCMS
In Genixcms v1.1.11, a stored Cross-Site Scripting XSS vulnerability exists in /gxadmin/index.php?page=themes&view=options" via the introtitle and introimage parameters...
Cross-site Scripting in GeniXCMS
In Genixcms v1.1.11, a stored Cross-Site Scripting XSS vulnerability exists in /gxadmin/index.php?page=themes&view=options" via the introtitle and introimage parameters...
CVE-2022-24563
In Genixcms v1.1.11, a stored Cross-Site Scripting XSS vulnerability exists in /gxadmin/index.php?page=themes&view=options" via the introtitle and introimage parameters...
CVE-2022-24563
In Genixcms v1.1.11, a stored Cross-Site Scripting XSS vulnerability exists in /gxadmin/index.php?page=themes&view=options" via the introtitle and introimage parameters...
CVE-2022-24563
In Genixcms v1.1.11, a stored Cross-Site Scripting XSS vulnerability exists in /gxadmin/index.php?page=themes&view=options" via the introtitle and introimage parameters...
Cross site scripting
In Genixcms v1.1.11, a stored Cross-Site Scripting XSS vulnerability exists in /gxadmin/index.php?page=themes&view=options" via the introtitle and introimage parameters...