Lucene search
K

44 matches found

CNNVD
CNNVD
added 2023/08/18 12:0 a.m.5 views

CSZ CMS 跨站脚本漏洞

CSZ CMS is an open source PHP-based content management system CMS. A security vulnerability exists in CSZ CMS version 1.3.0, which can be exploited by an attacker to execute arbitrary web script or HTML via a crafted payload entered in the Carousel Wiget and via rotating widgets created on top of...

6.1CVSS6.6AI score0.00436EPSS
Exploits4References4
Cvelist
Cvelist
added 2023/08/18 12:0 a.m.25 views

CVE-2023-38910

CSZ CMS 1.3.0 is vulnerable to cross-site scripting XSS, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered in the 'Carousel Wiget' section and choosing our carousel widget created above, in 'Photo URL' and 'YouTube URL' plugin...

6.2AI score0.00436EPSS
Exploits4References1
Positive Technologies
Positive Technologies
added 2023/08/18 12:0 a.m.2 views

PT-2023-26681 · Unknown +2 · Carousel Wiget +3

Name of the Vulnerable Software and Affected Versions: CSZ CMS version 1.3.0 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered in the 'Carousel Wiget' section and choosing the carousel widget created above, in 'Photo URL' and 'YouTube...

6.1CVSS5.9AI score0.00436EPSS
Exploits4References5
Vulnrichment
Vulnrichment
added 2023/08/18 12:0 a.m.12 views

CVE-2023-38910

CSZ CMS 1.3.0 is vulnerable to cross-site scripting XSS, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered in the 'Carousel Wiget' section and choosing our carousel widget created above, in 'Photo URL' and 'YouTube URL' plugin...

6.3AI score0.00436EPSS
Exploits4References1
Rows per page
Query Builder