306 matches found
CVE-2020-29247
WonderCMS 3.1.3 is affected by cross-site scripting XSS in the Admin Panel. An attacker can inject the XSS payload in Page keywords and each time any user will visit the website, the XSS triggers, and the attacker can able to steal the cookie according to the crafted payload...
CVE-2020-29247
WonderCMS 3.1.3 is affected by a cross-site scripting (XSS) vulnerability in the Admin Panel. The issue allows an attacker to inject an XSS payload via Page keywords, which triggers for each user visit and can enable cookie theft. The vulnerability is documented across multiple sources (NVD, Red ...
WonderCMS 跨站脚本漏洞
WonderCMS is an open source, fast, small and simple flat file cms. A cross-site scripting vulnerability exists in the "Admin Panel" of WonderCMS 3.1.3. The vulnerability can be exploited to steal cookies via page keywords...
WonderCMS 3.1.3 Remote Code Execution
Exploit Title: WonderCMS 3.1.3 - Authenticated Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu 16.04 CVE : N/A...
WonderCMS 3.1.3 - Authenticated Remote Code Execution
Exploit Title: WonderCMS 3.1.3 - Authenticated Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu 16.04 CVE :...
WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution
Exploit Title: WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu...
WonderCMS 3.1.3 Code Execution / Server-Side Request Forgery
Exploit Title: WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu...
WonderCMS 3.1.3 - 'Menu' Persistent Cross-Site Scripting
Exploit Title: WonderCMS 3.1.3 - 'menu' Persistent Cross-Site Scripting Date: 20-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.wondercms.com/ Version: 3.1.3 Tested on: Windows 10/Kali Linux Contact: https://www.linkedin.com/in/hemantsolo/ CVE: CVE-2020-29469 Attac...
WonderCMS Persistent Cross-Site Scripting
A cross-site scripting vulnerability exists in WonderCMS. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
WonderCMS 3.1.3 Cross Site Scripting
Exploit Title: WonderCMS 3.1.3 - 'uploadFile' Stored Cross-Site Scripting Google Dork: "WonderCMS" Date: 2020-11-27 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://www.wondercms.com/ Software Link:...
WonderCMS 'content' stored cross-site scripting vulnerability
WonderCMS is a PHP-based content management system. A stored cross-site scripting vulnerability exists in WonderCMS 'content'. An attacker can use the vulnerability to execute arbitrary script code in the context of the affected site...
WonderCMS 3.1.3 - 'uploadFile' Stored Cross-Site Scripting
Exploit Title: WonderCMS 3.1.3 - 'uploadFile' Stored Cross-Site Scripting Google Dork: "WonderCMS" Date: 2020-11-27 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://www.wondercms.com/ Software Link:...
WonderCMS 3.1.3 - 'page' Persistent Cross-Site Scripting
Exploit Title: WonderCMS 3.1.3 - 'page' Persistent Cross-Site Scripting Date: 20-11-2020 Exploit Author: Mayur Parmar Vendor Homepage: https://www.wondercms.com/ Version: 3.1.3 Tested on: PopOS Stored Cross-site scriptingXSS: Stored attacks are those where the injected script is permanently store...
Wonder CMS 3.1.3 Cross Site Scripting
Exploit Title: WonderCMS 3.1.3 - 'content' Persistent Cross-Site Scripting Date: 20-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.wondercms.com/ Version: 3.1.3 Tested on: Windows 10/Kali Linux Stored Cross-site scriptingXSS: Stored XSS, also known as persistent XS...
WonderCMS Directory Traversal Vulnerability
WonderCMS is a PHP-based content management system. A directory traversal vulnerability exists in WonderCMS, which can be exploited to delete arbitrary files via directory traversal on the operating system using web server access...
WonderCMS 3.1.0 XSS / Directory Traversal / File Upload Vulnerabilities
Exploit for php platform in category web applications title: Multiple Vulnerabilities product: WonderCMS vulnerable version: =3.1.0 fixed version: - CVE number: - impact: High homepage: https://www.wondercms.com/ found: 2020-04-30 by: Calvin Phang Office Singapore SEC Consult Vulnerability Lab An...
CVE-2019-5956
Directory traversal vulnerability in WonderCMS 2.6.0 and earlier allows remote attackers to delete arbitrary files via unspecified vectors...
CVE-2019-5956
Directory traversal vulnerability in WonderCMS 2.6.0 and earlier allows remote attackers to delete arbitrary files via unspecified vectors...
Directory traversal
Directory traversal vulnerability in WonderCMS 2.6.0 and earlier allows remote attackers to delete arbitrary files via unspecified vectors...
CVE-2019-5956
Directory traversal vulnerability in WonderCMS 2.6.0 and earlier allows remote attackers to delete arbitrary files via unspecified vectors...