468 matches found
opencms.org XSS vulnerability
Open Bug Bounty ID: OBB-662005 Description| Value ---|--- Affected Website:| opencms.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden unti...
OpenCMS 10.5.3 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: OpenCMS 10.5.3 Stored Cross Site Scripting Vulnerability Google Dork: N/A Date: 02-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.opencms.org/en/ Software Link:...
OpenCMS 10.5.3 - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: OpenCMS 10.5.3 Multiple Cross Site Request Forgery Vulnerabilities Injection Google Dork: N/A Date: 02-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.opencms.org/en/...
OpenCMS 10.5.3 Cross Site Scripting
Exploit Title: OpenCMS 10.5.3 Stored Cross Site Scripting Vulnerability Google Dork: N/A Date: 02-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.opencms.org/en/ Software Link:...
OpenCMS 10.5.3 - Cross-Site Scripting
OpenCMS 10.5.3 - Cross-Site Scripting Exploit Title: OpenCMS 10.5.3 Stored Cross Site Scripting Vulnerability Google Dork: N/A Date: 02-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.opencms.org/en/ Software Link:...
OpenCMS 10.5.3 - Cross-Site Request Forgery
OpenCMS 10.5.3 - Cross-Site Request Forgery Exploit Title: OpenCMS 10.5.3 Multiple Cross Site Request Forgery Vulnerabilities Injection Google Dork: N/A Date: 02-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.opencms.org/en/ Software Link...
OpenCMS 10.5.3 Cross Site Request Forgery
Exploit Title: OpenCMS 10.5.3 Multiple Cross Site Request Forgery Vulnerabilities Injection Google Dork: N/A Date: 02-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.opencms.org/en/ Software Link:...
OpenCMS 10.5.3 - Cross-Site Request Forgery
Exploit Title: OpenCMS 10.5.3 Multiple Cross Site Request Forgery Vulnerabilities Injection Google Dork: N/A Date: 02-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.opencms.org/en/ Software Link:...
OpenCMS 10.5.3 - Cross-Site Scripting
Exploit Title: OpenCMS 10.5.3 Stored Cross Site Scripting Vulnerability Google Dork: N/A Date: 02-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.opencms.org/en/ Software Link:...
Alkacon OpenCms Cross-Site Request Forgery Vulnerability
Alkacon OpenCms is the German Alkacon Software's set of open source Java and XML-based content management system CMS. The system supports template engine , WYSIWYG editor and so on. A cross-site request forgery vulnerability exists in the system/workplace/admin/accounts/userrole.jsp file in Alkac...
Alkacon OpenCMS gallery feature cross-site scripting vulnerability
Alkacon OpenCms is the German Alkacon Software's set of open source Java and XML-based content management system CMS. The system supports template engine , WYSIWYG editor and so on. A cross-site scripting vulnerability exists in the gallery feature in Alkacon OpenCMS version 10.5.3. A remote...
CVE-2018-8815
Cross-site scripting XSS vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote attackers to inject arbitrary web script or HTML via a malicious SVG image...
Cross site request forgery (csrf)
DISPUTED Cross-site request forgery CSRF vulnerability in system/workplace/admin/accounts/userrole.jsp in OpenCMS 10.5.3 allows remote attackers to hijack the authentication of administrative users for requests that perform privilege escalation. Note: It is argued that OpenCMS allows only...
Cross site scripting
Cross-site scripting XSS vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote attackers to inject arbitrary web script or HTML via a malicious SVG image...
CVE-2018-8815
Cross-site scripting XSS vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote attackers to inject arbitrary web script or HTML via a malicious SVG image...
CVE-2018-8811
Cross-site request forgery CSRF vulnerability in system/workplace/admin/accounts/userrole.jsp in OpenCMS 10.5.3 allows remote attackers to hijack the authentication of administrative users for requests that perform privilege escalation. Note: It is argued that OpenCMS allows only registered users...
CVE-2018-8815
Cross-site scripting XSS vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote attackers to inject arbitrary web script or HTML via a malicious SVG image...
CVE-2018-8811
Cross-site request forgery CSRF vulnerability in system/workplace/admin/accounts/userrole.jsp in OpenCMS 10.5.3 allows remote attackers to hijack the authentication of administrative users for requests that perform privilege escalation. Note: It is argued that OpenCMS allows only registered users...
CVE-2018-8811
Cross-site request forgery CSRF vulnerability in system/workplace/admin/accounts/userrole.jsp in OpenCMS 10.5.3 allows remote attackers to hijack the authentication of administrative users for requests that perform privilege escalation. Note: It is argued that OpenCMS allows only registered users...
CVE-2018-8811
OpenCMS 10.5.3 is affected by a CSRF vulnerability in system/workplace/admin/accounts/user_role.jsp that can lead to privilege escalation by hijacking an admin session. Exploitation requires the attacker to have a CMS account with content-manager privileges; multiple public exploits (Exploit-DB, ...