Lucene search
+L

55 matches found

CNVD
CNVD
added 2017/02/08 12:0 a.m.6 views

MetalGenix GeniXCMS SQL Injection Vulnerability (CNVD-2017-01320)

MetalGenix GeniXCMS is a PHP-based content management system and framework CMSF from MetalGenix Indonesia, which provides modules for user management, content management and menu management. A SQL injection vulnerability exists in the inc/lib/Options.class.php file in MetalGenix GeniXCMS 0.0.8 an...

9.8CVSS9.9AI score0.02859EPSS
Exploits0References1
CNVD
CNVD
added 2017/02/08 12:0 a.m.5 views

MetalGenix GeniXCMS SQL Injection Vulnerability (CNVD-2017-01322)

MetalGenix GeniXCMS is a PHP-based content management system and framework CMSF from MetalGenix Indonesia, which provides modules for user management, content management and menu management. A SQL injection vulnerability exists in the register.php file in MetalGenix GeniXCMS 0.0.8 and earlier...

9.8CVSS9.8AI score0.02411EPSS
Exploits0References1
CNVD
CNVD
added 2017/01/16 12:0 a.m.7 views

MetalGenix GeniXCMS SQL Injection Vulnerability (CNVD-2017-00557)

MetalGenix GeniXCMS is a PHP-based content management system and framework CMSF from MetalGenix Indonesia, which provides modules for user management, content management and menu management. A SQL injection vulnerability exists in the inc/lib/Control/Ajax/tags-ajax.control.php file in MetalGenix...

8.8CVSS9.3AI score0.01552EPSS
Exploits1References1
CNVD
CNVD
added 2017/01/16 12:0 a.m.5 views

MetalGenix GeniXCMS SQL Injection Vulnerability (CNVD-2017-00559)

MetalGenix GeniXCMS is a PHP-based content management system and framework CMSF from MetalGenix Indonesia, which provides modules for user management, content management and menu management. A SQL injection vulnerability exists in the inc/mod/newsletter/options.php file in MetalGenix GeniXCMS...

7.2CVSS7.8AI score0.01414EPSS
Exploits1References1
CNVD
CNVD
added 2017/01/04 12:0 a.m.7 views

MetalGenix GeniXCMS SQL Injection Vulnerability

MetalGenix GeniXCMS is a PHP-based content management system and framework CMSF from MetalGenix Indonesia, which provides modules for user management, content management and menu management. A SQL injection vulnerability exists in the register.php file in MetalGenix GeniXCMS versions prior to...

7.5CVSS8.1AI score0.0107EPSS
Exploits0References1
seebug.org
seebug.org
added 2015/09/17 12:0 a.m.17 views

MetalGenix GeniXCMS 0.0.1 - XSS Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
CNVD
CNVD
added 2015/06/26 12:0 a.m.6 views

Multiple Cross-Site Scripting Vulnerabilities in MetalGenix GeniXCMS

MetalGenix GeniXCMS is a PHP-based content management system and framework CMSF from MetalGenix Indonesia, which provides modules for user management, content management and menu management. A cross-site scripting vulnerability exists in MetalGenix GeniXCMS version 0.0.3. The vulnerability exists...

4.3CVSS6.1AI score0.03759EPSS
Exploits2References1
NVD
NVD
added 2015/06/24 2:59 p.m.19 views

CVE-2015-5066

Multiple cross-site scripting XSS vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 content or 2 title field in an add action in the posts page to index.php or the 3 q parameter in the posts page to index.php...

4.3CVSS5.7AI score0.03759EPSS
Exploits2References6
Prion
Prion
added 2015/06/24 2:59 p.m.19 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 content or 2 title field in an add action in the posts page to index.php or the 3 q parameter in the posts page to index.php...

4.3CVSS6AI score0.03759EPSS
Exploits2References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2015/06/24 2:59 p.m.5 views

CVE-2015-5066

Multiple cross-site scripting XSS vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 content or 2 title field in an add action in the posts page to index.php or the 3 q parameter in the posts page to index.php...

4.3CVSS5.4AI score0.03759EPSS
Exploits2References7
CVE
CVE
added 2015/06/24 2:0 p.m.53 views

CVE-2015-5066

CVE-2015-5066 affects MetalGenix GeniXCMS 0.0.3. The root cause is inadequate input filtering in the index.php script for the posts page: (1) content field, (2) title field during the add action, and (3) q parameter, enabling remote attackers to inject arbitrary web script or HTML (XSS). This vul...

4.3CVSS7.8AI score0.03759EPSS
Exploits2References6Affected Software1
Cvelist
Cvelist
added 2015/06/24 2:0 p.m.31 views

CVE-2015-5066

Multiple cross-site scripting XSS vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 content or 2 title field in an add action in the posts page to index.php or the 3 q parameter in the posts page to index.php...

8.1AI score0.03759EPSS
Exploits2References6
CNVD
CNVD
added 2015/03/24 12:0 a.m.5 views

Multiple Cross-Site Scripting Vulnerabilities in MetalGenix GeniXCMS

MetalGenix GeniXCMS is a content management system. MetalGenix GeniXCMS suffers from multiple cross-site scripting vulnerabilities. The vulnerabilities allow remote attackers to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user sessions when...

4.3CVSS6.3AI score0.05358EPSS
Exploits2References1
CNVD
CNVD
added 2015/03/24 12:0 a.m.5 views

MetalGenix GeniXCMS SQL Injection Vulnerability

MetalGenix GeniXCMS is a content management system. MetalGenix GeniXCMS suffers from a SQL injection vulnerability. This vulnerability allows attackers to submit specially crafted SQL queries to manipulate or obtain database data...

7.5CVSS7.9AI score0.05575EPSS
Exploits2References1
NVD
NVD
added 2015/03/23 4:59 p.m.23 views

CVE-2015-2680

Cross-site request forgery CSRF vulnerability in MetalGenix GeniXCMS before 0.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a request in the users page to gxadmin/index.php...

6.8CVSS8.9AI score0.03907EPSS
Exploits2References9
NVD
NVD
added 2015/03/23 4:59 p.m.15 views

CVE-2015-2679

Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to execute arbitrary SQL commands via the 1 page parameter to index.php or 2 username parameter to gxadmin/login.php...

7.5CVSS8.5AI score0.05575EPSS
Exploits2References10
NVD
NVD
added 2015/03/23 4:59 p.m.17 views

CVE-2015-2678

Multiple cross-site scripting XSS vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 cat parameter in the categories page to gxadmin/index.php or 2 page parameter to index.php...

4.3CVSS5.8AI score0.05358EPSS
Exploits2References8
Prion
Prion
added 2015/03/23 4:59 p.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 cat parameter in the categories page to gxadmin/index.php or 2 page parameter to index.php...

4.3CVSS6AI score0.05358EPSS
Exploits2References8Affected Software1
Prion
Prion
added 2015/03/23 4:59 p.m.16 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in MetalGenix GeniXCMS before 0.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a request in the users page to gxadmin/index.php...

6.8CVSS7.5AI score0.03907EPSS
Exploits2References9Affected Software1
Prion
Prion
added 2015/03/23 4:59 p.m.16 views

Sql injection

Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to execute arbitrary SQL commands via the 1 page parameter to index.php or 2 username parameter to gxadmin/login.php...

7.5CVSS9.2AI score0.05575EPSS
Exploits2References10Affected Software1
Rows per page
Query Builder