Lucene search
+L

306 matches found

Positive Technologies
Positive Technologies
added 2018/01/26 12:0 a.m.9 views

PT-2018-5678 · Wondercms · Wondercms

Name of the Vulnerable Software and Affected Versions: WonderCMS version 2.3.1 Description: The application's input fields accept arbitrary user input, resulting in the execution of malicious JavaScript. It is noted that the vendor disputes this issue, stating it is a feature that enables only a...

6.1CVSS7.3AI score0.01197EPSS
Exploits2References5
CNVD
CNVD
added 2017/06/23 12:0 a.m.2 views

WonderCMS Cross-Site Request Forgery Vulnerability

WonderCMS is a PHP-based content management system. A cross-site request forgery vulnerability exists in WonderCMS. A remote attacker can exploit this vulnerability to perform unauthorized operations with null values or malformed command identifiers...

7.1AI score
Exploits0References1
Packet Storm
Packet Storm
added 2017/06/20 12:0 a.m.29 views

WonderCMS 2.1.0 Cross Site Request Forgery

document.forms0.submit; !-- Disclosure Timeline: --------------------- 2017-06-16: Vulnerability found. 2017-06-17: Reported to vendor. 2017-06-17: Vendor responded and send a new version for test in it. 2017-06-17: Test new version and vulernability patched successfully. 2017-06-18: Vendor...

0.5AI score
Exploits0
0day.today
0day.today
added 2017/06/20 12:0 a.m.55 views

WonderCMS 2.1.0 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications document.forms0.submit; !-- Disclosure Timeline: --------------------- 2017-06-16: Vulnerability found. 2017-06-17: Reported to vendor. 2017-06-17: Vendor responded and send a new version for test in it. 2017-06-17: Test new version and...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/06/19 12:0 a.m.28 views

WonderCMS 2.1.0 - Cross-Site Request Forgery

document.forms0.submit; !-- Disclosure Timeline: --------------------- 2017-06-16: Vulnerability found. 2017-06-17: Reported to vendor. 2017-06-17: Vendor responded and send a new version for test in it. 2017-06-17: Test new version and vulernability patched successfully. 2017-06-18: Vendor...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/06/19 12:0 a.m.21 views

WonderCMS 2.1.0 - Cross-Site Request Forgery

WonderCMS 2.1.0 - Cross-Site Request Forgery document.forms0.submit; !-- Disclosure Timeline: --------------------- 2017-06-16: Vulnerability found. 2017-06-17: Reported to vendor. 2017-06-17: Vendor responded and send a new version for test in it. 2017-06-17: Test new version and vulernability...

0.4AI score
Exploits0
NVD
NVD
added 2017/04/21 2:59 a.m.12 views

CVE-2017-7951

WonderCMS before 2.0.3 has CSRF because of lack of a token in an unspecified context...

8.8CVSS8.8AI score0.00565EPSS
Exploits0References2
Prion
Prion
added 2017/04/21 2:59 a.m.11 views

Cross site request forgery (csrf)

WonderCMS before 2.0.3 has CSRF because of lack of a token in an unspecified context...

6.8CVSS8.7AI score0.00565EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/04/21 2:59 a.m.12 views

CVE-2017-7951

WonderCMS before 2.0.3 has CSRF because of lack of a token in an unspecified context...

8.8CVSS7AI score
Exploits0References2
Cvelist
Cvelist
added 2017/04/21 2:11 a.m.21 views

CVE-2017-7951

WonderCMS before 2.0.3 has CSRF because of lack of a token in an unspecified context...

8.8AI score0.00565EPSS
Exploits0References2
CVE
CVE
added 2017/04/21 2:11 a.m.44 views

CVE-2017-7951

CVE-2017-7951 affects WonderCMS prior to version 2.0.3. The vulnerability is a CSRF due to lack of a token in an unspecified context, as described in NVD and corroborated by multiple sources. The primary affected component is WonderCMS’s request handling where a missing anti-CSRF token enables CS...

8.8CVSS8.7AI score0.00565EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2016/11/22 12:0 a.m.31 views

WonderCMS 0.9.8 Cross Site Scripting

============================================= MGC ALERT 2016-006 - Original release date: Nov 16, 2016 - Last revised: Nov 21, 2016 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 CVSS Base Score ============================================= I. VULNERABILITY -------------------------...

7.4AI score
Exploits0
CNVD
CNVD
added 2015/07/08 12:0 a.m.1 views

Multiple Vulnerabilities in WonderCMS

WonderCMS is a PHP-based content management system. WonderCMS suffers from local file inclusion, information disclosure, and directory traversal vulnerabilities. An attacker could exploit these vulnerabilities to execute arbitrary local scripts and retrieve contextually arbitrary files from an...

7AI score
Exploits0References1
0day.today
0day.today
added 2015/06/22 12:0 a.m.18 views

Wonder CMS 0.6-Beta File Inclusion / Traversal / Disclosure Vulnerabilities

Wonder CMS version 0.6-Beta suffers from inclusion, password disclosure, and directory traversal vulnerabilities. | Title : WonderCMS 0.6-Beta Multi Vulnerability | Author : indoushka | email : email protected | Dork : ©2015 Your website | Powered by WonderCMS | Login | Tested on: windows 8.1...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2015/06/18 12:0 a.m.36 views

Wonder CMS 0.6-Beta File Inclusion / Traversal / Disclosure

| Title : WonderCMS 0.6-Beta Multi Vulnerability | Author : indoushka | email : [email protected] | Dork : ©2015 Your website | Powered by WonderCMS | Login | Tested on: windows 8.1 Français V.Pro | Download : http://wondercms.com/ ======================================= File inclusion :...

Exploits0
NVD
NVD
added 2015/01/01 11:59 a.m.13 views

CVE-2011-5317

Cross-site scripting XSS vulnerability in editText.php in WonderCMS before 0.4 allows remote attackers to inject arbitrary web script or HTML via the content parameter...

4.3CVSS5.7AI score0.00942EPSS
Exploits0References1
Prion
Prion
added 2015/01/01 11:59 a.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in editText.php in WonderCMS before 0.4 allows remote attackers to inject arbitrary web script or HTML via the content parameter...

4.3CVSS6.1AI score0.00942EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2015/01/01 11:0 a.m.43 views

CVE-2011-5317

The CVE-2011-5317 entry describes an XSS vulnerability in WonderCMS prior to version 0.4, exploitable through the content parameter in editText.php. Affected software: WonderCMS (pre-0.4); vulnerable component: editText.php. Root cause: cross-site scripting via unescaped content input. Impact: al...

4.3CVSS5.9AI score0.00942EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2015/01/01 11:0 a.m.23 views

CVE-2011-5317

Cross-site scripting XSS vulnerability in editText.php in WonderCMS before 0.4 allows remote attackers to inject arbitrary web script or HTML via the content parameter...

5.7AI score0.00942EPSS
Exploits0References1
securityvulns
securityvulns
added 2011/01/07 12:0 a.m.51 views

XSS vulnerability in WonderCMS

Vulnerability ID: HTB22759 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinwondercms.html Product: WonderCMS Vendor: Robert Isoski http://krneky.com/en/wondercms Vulnerable Version: 0.3.3 and probably prior versions Vendor Notification: 21 December 2010 Vulnerability Type: XSS Cross...

0.3AI score
Exploits0
Rows per page
Query Builder