CVE-2026-5362

An authenticated attacker with permission to edit document content can store crafted HTML/JavaScript in a Document embed editable and cause script execution when the published page is rendered. This issue affects pimcore: v12.3.3...

CVE-2026-5362

An authenticated attacker with permission to edit document content can store crafted HTML/JavaScript in a Document embed editable and cause script execution when the published page is rendered. This issue affects pimcore: v12.3.3...

CVE-2025-15456

A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown function of the file /mc-admin/page-edit.php of the component Publish Page Handler. Such manipulation leads to improper authentication. The attack may be performed from remote. The exploit has been...

CVE-2025-15456

A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown function of the file /mc-admin/page-edit.php of the component Publish Page Handler. Such manipulation leads to improper authentication. The attack may be performed from remote. The exploit has been...

CVE-2025-15456

A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown function of the file /mc-admin/page-edit.php of the component Publish Page Handler. Such manipulation leads to improper authentication. The attack may be performed from remote. The exploit has been...

CVE-2025-15456 bg5sbk MiniCMS Publish page-edit.php improper authentication

A vulnerability has been found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown function of the file /mc-admin/page-edit.php of the component Publish Page Handler. Such manipulation leads to improper authentication. The attack may be performed from remote. The exploit has been...

CVE-2025-15456

CVE-2025-15456 affects bg5sbk MiniCMS versions up to 1.8. The vulnerability targets an unknown function in the file /mc-admin/page-edit.php of the Publish Page Handler, enabling improper authentication and potentially allowing remote exploitation. Multiple sources note that the exploit has been d...

PT-2026-1210

Name of the Vulnerable Software and Affected Versions bg5sbk MiniCMS versions up to 1.8 Description A flaw exists in bg5sbk MiniCMS that allows for improper authentication. This issue affects the Publish Page Handler component, specifically an unknown function within the /mc-admin/page-edit.php...

MiniCMS 授权问题漏洞

MiniCMS is a mini content management system designed for personal websites by the individual developer of Dada bg5sbk. An authorization issue vulnerability exists in MiniCMS 1.8 and earlier versions, which stems from incorrect manipulation of the file /mc-admin/page-edit.php of the component...

Stored Cross-Site Scripting Vulnerability in Backdrop CMS Published Article Pages

Backdrop CMS is a foreign open source, free CMS system for small and medium-sized businesses and non-profit organizations. A stored cross-site scripting vulnerability exists in the Backdrop CMS publish article page. An attacker can insert malicious js code into the page to obtain user cookies and...