Lucene search
+L

306 matches found

Cvelist
Cvelist
added 2020/12/24 7:22 p.m.22 views

CVE-2020-29247

WonderCMS 3.1.3 is affected by cross-site scripting XSS in the Admin Panel. An attacker can inject the XSS payload in Page keywords and each time any user will visit the website, the XSS triggers, and the attacker can able to steal the cookie according to the crafted payload...

4.8AI score0.00783EPSS
Exploits1References2
CVE
CVE
added 2020/12/24 7:22 p.m.68 views

CVE-2020-29247

WonderCMS 3.1.3 is affected by a cross-site scripting (XSS) vulnerability in the Admin Panel. The issue allows an attacker to inject an XSS payload via Page keywords, which triggers for each user visit and can enable cookie theft. The vulnerability is documented across multiple sources (NVD, Red ...

4.8CVSS4.8AI score0.00783EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2020/12/24 12:0 a.m.7 views

WonderCMS 跨站脚本漏洞

WonderCMS is an open source, fast, small and simple flat file cms. A cross-site scripting vulnerability exists in the "Admin Panel" of WonderCMS 3.1.3. The vulnerability can be exploited to steal cookies via page keywords...

4.8CVSS5.6AI score0.00783EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2020/12/02 12:0 a.m.361 views

WonderCMS 3.1.3 Remote Code Execution

Exploit Title: WonderCMS 3.1.3 - Authenticated Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu 16.04 CVE : N/A...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.455 views

WonderCMS 3.1.3 - Authenticated Remote Code Execution

Exploit Title: WonderCMS 3.1.3 - Authenticated Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu 16.04 CVE :...

9.8CVSS9.7AI score0.26912EPSS
Exploits2
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.531 views

WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution

Exploit Title: WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu...

9.8CVSS9.7AI score0.45221EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/12/02 12:0 a.m.402 views

WonderCMS 3.1.3 Code Execution / Server-Side Request Forgery

Exploit Title: WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.496 views

WonderCMS 3.1.3 - 'Menu' Persistent Cross-Site Scripting

Exploit Title: WonderCMS 3.1.3 - 'menu' Persistent Cross-Site Scripting Date: 20-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.wondercms.com/ Version: 3.1.3 Tested on: Windows 10/Kali Linux Contact: https://www.linkedin.com/in/hemantsolo/ CVE: CVE-2020-29469 Attac...

5.4CVSS5.6AI score0.01371EPSS
Exploits3
Check Point Advisories
Check Point Advisories
added 2020/12/01 12:0 a.m.1 views

WonderCMS Persistent Cross-Site Scripting

A cross-site scripting vulnerability exists in WonderCMS. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.7AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/27 12:0 a.m.844 views

WonderCMS 3.1.3 Cross Site Scripting

Exploit Title: WonderCMS 3.1.3 - 'uploadFile' Stored Cross-Site Scripting Google Dork: "WonderCMS" Date: 2020-11-27 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://www.wondercms.com/ Software Link:...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/11/27 12:0 a.m.3 views

WonderCMS 'content' stored cross-site scripting vulnerability

WonderCMS is a PHP-based content management system. A stored cross-site scripting vulnerability exists in WonderCMS 'content'. An attacker can use the vulnerability to execute arbitrary script code in the context of the affected site...

6.6AI score
Exploits0References1
Exploit DB
Exploit DB
added 2020/11/27 12:0 a.m.893 views

WonderCMS 3.1.3 - 'uploadFile' Stored Cross-Site Scripting

Exploit Title: WonderCMS 3.1.3 - 'uploadFile' Stored Cross-Site Scripting Google Dork: "WonderCMS" Date: 2020-11-27 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://www.wondercms.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/25 12:0 a.m.1067 views

WonderCMS 3.1.3 - 'page' Persistent Cross-Site Scripting

Exploit Title: WonderCMS 3.1.3 - 'page' Persistent Cross-Site Scripting Date: 20-11-2020 Exploit Author: Mayur Parmar Vendor Homepage: https://www.wondercms.com/ Version: 3.1.3 Tested on: PopOS Stored Cross-site scriptingXSS: Stored attacks are those where the injected script is permanently store...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/20 12:0 a.m.786 views

Wonder CMS 3.1.3 Cross Site Scripting

Exploit Title: WonderCMS 3.1.3 - 'content' Persistent Cross-Site Scripting Date: 20-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.wondercms.com/ Version: 3.1.3 Tested on: Windows 10/Kali Linux Stored Cross-site scriptingXSS: Stored XSS, also known as persistent XS...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/07/22 12:0 a.m.4 views

WonderCMS Directory Traversal Vulnerability

WonderCMS is a PHP-based content management system. A directory traversal vulnerability exists in WonderCMS, which can be exploited to delete arbitrary files via directory traversal on the operating system using web server access...

7AI score
Exploits0References1
0day.today
0day.today
added 2020/07/19 12:0 a.m.946 views

WonderCMS 3.1.0 XSS / Directory Traversal / File Upload Vulnerabilities

Exploit for php platform in category web applications title: Multiple Vulnerabilities product: WonderCMS vulnerable version: =3.1.0 fixed version: - CVE number: - impact: High homepage: https://www.wondercms.com/ found: 2020-04-30 by: Calvin Phang Office Singapore SEC Consult Vulnerability Lab An...

0.2AI score
Exploits0
NVD
NVD
added 2019/09/12 5:15 p.m.17 views

CVE-2019-5956

Directory traversal vulnerability in WonderCMS 2.6.0 and earlier allows remote attackers to delete arbitrary files via unspecified vectors...

7.5CVSS6.5AI score0.01862EPSS
Exploits0References1
OSV
OSV
added 2019/09/12 5:15 p.m.13 views

CVE-2019-5956

Directory traversal vulnerability in WonderCMS 2.6.0 and earlier allows remote attackers to delete arbitrary files via unspecified vectors...

6.5CVSS7.1AI score
Exploits0References1
Prion
Prion
added 2019/09/12 5:15 p.m.20 views

Directory traversal

Directory traversal vulnerability in WonderCMS 2.6.0 and earlier allows remote attackers to delete arbitrary files via unspecified vectors...

7.5CVSS6.5AI score0.01862EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/09/12 3:58 p.m.20 views

CVE-2019-5956

Directory traversal vulnerability in WonderCMS 2.6.0 and earlier allows remote attackers to delete arbitrary files via unspecified vectors...

6.5AI score0.01862EPSS
Exploits0References1
Rows per page
Query Builder