Lucene search
K

37 matches found

NVD
NVD
added 2024/01/17 3:15 a.m.29 views

CVE-2023-46952

Cross Site Scripting vulnerability in ABO.CMS v.5.9.3 allows an attacker to execute arbitrary code via a crafted payload to the Referer header...

6.1CVSS6.3AI score0.00455EPSS
Exploits1References1
Prion
Prion
added 2024/01/17 3:15 a.m.19 views

Cross site scripting

Cross Site Scripting vulnerability in ABO.CMS v.5.9.3 allows an attacker to execute arbitrary code via a crafted payload to the Referer header...

5.8CVSS7.4AI score0.00455EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2024/01/17 12:0 a.m.18 views

CVE-2023-48858

A Cross-site scripting XSS vulnerability in login page php code in Armex ABO.CMS 5.9 allows remote attackers to inject arbitrary web script or HTML via the login.php? URL part...

6.3AI score0.0052EPSS
Exploits2References2
CVE
CVE
added 2024/01/17 12:0 a.m.43 views

CVE-2023-46952

ABO.CMS v5.9.3 is affected by a Cross-Site Scripting vulnerability that allows an attacker to execute arbitrary code via a crafted payload in the Referer header. Affected component: ABO.CMS web application (version 5.9.3). Root cause: input in the Referer header is not properly sanitized, enablin...

6.1CVSS6.3AI score0.00455EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/01/17 12:0 a.m.34 views

CVE-2023-46952

Cross Site Scripting vulnerability in ABO.CMS v.5.9.3 allows an attacker to execute arbitrary code via a crafted payload to the Referer header...

6.5AI score0.00455EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/01/17 12:0 a.m.8 views

CVE-2023-46952

Cross Site Scripting vulnerability in ABO.CMS v.5.9.3 allows an attacker to execute arbitrary code via a crafted payload to the Referer header...

6.4AI score0.00455EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/01/17 12:0 a.m.5 views

CVE-2023-48858

A Cross-site scripting XSS vulnerability in login page php code in Armex ABO.CMS 5.9 allows remote attackers to inject arbitrary web script or HTML via the login.php? URL part...

6.2AI score0.0052EPSS
Exploits2References2
CVE
CVE
added 2024/01/17 12:0 a.m.42 views

CVE-2023-48858

The CVE-2023-48858 issue is a Cross-site Scripting (XSS) vulnerability in ABO.CMS 5.9, specifically in login.php, allowing remote attackers to inject arbitrary script via the login.php? URL. Connected sources confirm affected product ABO.CMS 5.9 and login-page code as the root cause; exploitation...

6.1CVSS6.1AI score0.0052EPSS
Exploits2References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/11 12:0 a.m.9 views

The vulnerability of the Documents module in the ABO.CMS system allows a perpetrator to execute arbitrary code.

The vulnerability of the Documents module in the ABO.CMS system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

7.5CVSS8.2AI score0.00829EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/01/06 5:15 a.m.12 views

CVE-2023-46953

SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module...

9.8CVSS9.9AI score0.00829EPSS
Exploits0References1
Prion
Prion
added 2024/01/06 5:15 a.m.14 views

Sql injection

SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module...

7.5CVSS9.3AI score0.00829EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/06 12:0 a.m.17 views

CVE-2023-46953

SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module...

10AI score0.00829EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/06 12:0 a.m.5 views

CVE-2023-46953

SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module...

10AI score0.00829EPSS
Exploits0References1
CVE
CVE
added 2024/01/06 12:0 a.m.47 views

CVE-2023-46953

CVE-2023-46953 : A SQL Injection in ABO.CMS v5.9.3 affects the Documents module via the d parameter, due to unprotected SQL query construction. This allows remote attackers to execute arbitrary code. Public documents indicate exploitation in the ABO.CMS context and describe a potential workaround...

9.8CVSS9.9AI score0.00829EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/12/20 12:0 a.m.4 views

ABO.CMS Security Vulnerabilities

ABO.CMS is a content management platform. A security vulnerability exists in ABO.CMS. An attacker exploited the vulnerability to perform a SQL injection attack...

9.8CVSS7.8AI score0.00829EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/10/25 12:0 a.m.6 views

PT-2023-8180 · Abo.Cms · Abo.Cms

Name of the Vulnerable Software and Affected Versions: ABO.CMS version 5.9.3 Description: The issue is related to a SQL Injection vulnerability in the Documents module of ABO.CMS, which allows remote attackers to execute arbitrary code via the d parameter. This vulnerability is due to the lack of...

9.8CVSS9.7AI score0.00829EPSS
Exploits0References10
securityvulns
securityvulns
added 2009/10/11 12:0 a.m.52 views

ABO.CMS Multiple Vulnerabilities

---------------------------------------------------------------------- PT-2009-17 Positive Technologies Security Advisory ABO.CMS Multiple Vulnerabilities ---------------------------------------------------------------------- --- Affected Software ABO.CMS Versions prior to 5.1 Product Link:...

Exploits0
Rows per page
Query Builder