EUVD-2017-1378

Malware in sbrugna...

Chevereto CMS 3.7.0 SQL Injection

==================================================================================================================================== | Title : Chevereto CMS V3.7.0 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit...

Chevereto CMS 3.7.0 HTTP Parameter Pollution

==================================================================================================================================== | Title : Chevereto CMS V3.7.0 HPP Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | | Vendo...

Chevereto CMS Cross-Site Scripting Vulnerability

Chevereto CMS is an open source content management system. The system is bundled with multiple languages and features image preview, drag and drop, and simultaneous upload of multiple images. A cross-site scripting vulnerability exists in Chevereto CMS versions prior to 3.8.11. A remote attacker...

CVE-2017-1000058

Stored XSS vulnerabilities in chevereto CMS before version 3.8.11, one in the user profile and one in the Exif data parser...

CVE-2017-1000058

Stored XSS vulnerabilities in chevereto CMS before version 3.8.11, one in the user profile and one in the Exif data parser...

CVE-2017-1000058

Chevereto CMS (prior to 3.8.11) contains stored XSS in two vectors: the user profile input and the Exif data parser. Root cause: unsafe handling of user-supplied content leads to script/HTML injection that persists in the application. Impact: potential execution of arbitrary scripts in a victim’s...