CVE-2020-23657

NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Configuration."...

CVE-2020-23655

NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Configuration."...

CVE-2020-23711

SQL Injection vulnerability in NavigateCMS 2.9 via the URL encoded GET input category in navigate.php...

CVE-2020-23654

NavigateCMS 2.9 is affected by Cross Site Scripting XSS via the module "Shop."...

Cross-site Scripting (XSS) - Reflected in navigatecms/navigate-cms

Description Cross-Site Scripting is vulnerability which allows attackers to execute arbitrary javascript code in the browser of victim. Proof of Concept Parameter: id Payload: alertdocument.cookie Affected endpoints: On Firefox browser, visit: 1...

NavigateCMS Access Control Error Vulnerability

NavigateCMS is a content management system. An access control error vulnerability exists in version 2.9 of NavigateCMS, which stems from the fact that the ID in the product/navigate/navigatedownload.php file does not properly validate the data entered. An attacker could exploit this vulnerability...

CVE-2021-44351

An arbitrary file read vulnerability exists in NavigateCMS 2.9 via /navigate/navigatedownload.php id parameter...

CVE-2021-44351

An arbitrary file read vulnerability exists in NavigateCMS 2.9 via /navigate/navigatedownload.php id parameter...

Arbitrary file deletion

An arbitrary file read vulnerability exists in NavigateCMS 2.9 via /navigate/navigatedownload.php id parameter...

CVE-2021-44351

CVE-2021-44351 affects NavigateCMS 2.9. The vulnerability is an arbitrary file read via /navigate/navigate_download.php id parameter due to improper validation in the navigate_download.php handler. The root cause is insufficient input validation of the id parameter in that file, enabling an attac...

CVE-2021-44351

An arbitrary file read vulnerability exists in NavigateCMS 2.9 via /navigate/navigatedownload.php id parameter...

NavigateCMS 路径遍历漏洞

NavigateCMS is a content management system. An access control error vulnerability exists in version 2.9 of NavigateCMS, which stems from the fact that the ID in the product/navigate/navigatedownload.php file does not properly validate the data entered. An attacker could exploit this vulnerability...

CVE-2020-23242

Cross Site Scripting XSS vulnerability in NavigateCMS 2.9 when performing a Create or Edit via the Tools feature...

CVE-2020-23243

Cross Site Scripting XSS vulnerability in NavigateCMS NavigateCMS 2.9 via the name="wrongpathredirect" feature...

CVE-2020-23242

Cross Site Scripting XSS vulnerability in NavigateCMS 2.9 when performing a Create or Edit via the Tools feature...

CVE-2020-23243

Cross Site Scripting XSS vulnerability in NavigateCMS NavigateCMS 2.9 via the name="wrongpathredirect" feature...

Cross site scripting

Cross Site Scripting XSS vulnerability in NavigateCMS 2.9 when performing a Create or Edit via the Tools feature...

Cross site scripting

Cross Site Scripting XSS vulnerability in NavigateCMS NavigateCMS 2.9 via the name="wrongpathredirect" feature...

CVE-2020-23243

Summary (CVE-2020-23243): A cross-site scripting (XSS) vulnerability in NavigateCMS 2.9 is accessible via the name="wrong_path_redirect" feature. Public descriptions across multiple sources (NVD, Red Hat, CNVD, CNNVD, CVE list) confirm the issue; no product/vendor/version details beyond NavigateC...

CVE-2020-23243

Cross Site Scripting XSS vulnerability in NavigateCMS NavigateCMS 2.9 via the name="wrongpathredirect" feature...