Lucene search
K

75 matches found

OSV
OSV
added 2022/03/23 4:15 p.m.18 views

CVE-2021-43735

CmsWing 1.3.7 is affected by a SQLi vulnerability via parameter: behavior rule...

9.8CVSS6.9AI score
Exploits0References1
Prion
Prion
added 2022/03/23 4:15 p.m.20 views

Remote code execution

CmsWing CMS 1.3.7 is affected by a Remote Code Execution RCE vulnerability via parameter: log rule...

7.5CVSS9.6AI score0.02326EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/03/23 4:15 p.m.21 views

Code injection

CmsWing 1.3.7 is affected by a SQLi vulnerability via parameter: behavior rule...

7.5CVSS9.4AI score0.01239EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/03/23 3:21 p.m.25 views

CVE-2021-43736

CmsWing CMS 1.3.7 is affected by a Remote Code Execution RCE vulnerability via parameter: log rule...

10AI score0.02326EPSS
Exploits1References1
CVE
CVE
added 2022/03/23 3:21 p.m.90 views

CVE-2021-43736

The vulnerability concerns CmsWing CMS 1.3.7 , where a Remote Code Execution (RCE) can be triggered through a vulnerable logging parameter path (described as a log rule). The available documents identify the affected product and the root cause as a misused or injectable logging rule parameter but...

9.8CVSS9.7AI score0.02326EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/03/23 3:17 p.m.29 views

CVE-2021-43735

CmsWing 1.3.7 is affected by a SQLi vulnerability via parameter: behavior rule...

9.7AI score0.01239EPSS
Exploits1References1
CVE
CVE
added 2022/03/23 3:17 p.m.89 views

CVE-2021-43735

CmsWing 1.3.7 is affected by a SQL injection vulnerability in the behavior rule parameter. The root cause is insufficient escaping/ filtering of SQL data in these parameters, allowing potential unauthorized SQL execution. Impact is described as exposing or altering database data (high severity pe...

9.8CVSS9.4AI score0.01239EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/03/23 12:0 a.m.4 views

CMSWing SQL注入漏洞

CMSWing is an e-commerce platform and CMS builder based on ThinkJS and MySQL.A SQL injection vulnerability exists in CMSWing version 1.3.7, which stems from the lack of filtering escapes for SQL data in the behavior rules of the parameters. An attacker could use this vulnerability to execute...

9.8CVSS6.1AI score0.01239EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/03/23 12:0 a.m.5 views

CMSWing 参数注入漏洞

CMSWing is an e-commerce platform and CMS builder based on ThinkJS and MySQL. A security vulnerability exists in CMSWing version 1.3.7, which stems from a logging rule in a parameter that can lead to a remote code execution vulnerability...

9.8CVSS9.1AI score0.02326EPSS
Exploits1References2
CNVD
CNVD
added 2021/05/24 12:0 a.m.5 views

CMSWing Cross-Site Scripting Vulnerability (CNVD-2021-37204)

CMSWing is an e-commerce platform and CMS building system based on ThinkJS and MySQL. A cross-site scripting vulnerability exists in CmsWing version 1.3.7, which stems from a vulnerability that is triggered when a visitor accesses the Articles module. No detailed vulnerability details are availab...

5.4CVSS6.1AI score0.00503EPSS
Exploits1References1
CNVD
CNVD
added 2021/05/24 12:0 a.m.4 views

CMSWing Cross-Site Scripting Vulnerability

CMSWing is an e-commerce platform and CMS building system based on ThinkJS and MySQL. A cross-site scripting vulnerability exists in CmsWing version 1.3.7, which stems from a vulnerability that is triggered when an administrator accesses the content management module. No detailed vulnerability...

5.4CVSS6.1AI score0.00505EPSS
Exploits1References1
NVD
NVD
added 2021/05/17 7:15 p.m.17 views

CVE-2020-24993

There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability stored XSS is triggered when visitors access the article module...

5.4CVSS0.00503EPSS
Exploits1References1
NVD
NVD
added 2021/05/17 7:15 p.m.16 views

CVE-2020-24992

There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability stored XSS is triggered when an administrator accesses the content management module...

5.4CVSS0.00505EPSS
Exploits1References1
OSV
OSV
added 2021/05/17 7:15 p.m.13 views

CVE-2020-24992

There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability stored XSS is triggered when an administrator accesses the content management module...

5.4CVSS6.2AI score
Exploits0References1
OSV
OSV
added 2021/05/17 7:15 p.m.13 views

CVE-2020-24993

There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability stored XSS is triggered when visitors access the article module...

5.4CVSS6.2AI score
Exploits0References1
Prion
Prion
added 2021/05/17 7:15 p.m.12 views

Cross site scripting

There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability stored XSS is triggered when visitors access the article module...

3.5CVSS5.3AI score0.00503EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/05/17 7:15 p.m.16 views

Cross site scripting

There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability stored XSS is triggered when an administrator accesses the content management module...

3.5CVSS5.3AI score0.00505EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/05/17 6:44 p.m.17 views

CVE-2020-24993

There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability stored XSS is triggered when visitors access the article module...

5.4AI score0.00503EPSS
Exploits1References1
CVE
CVE
added 2021/05/17 6:44 p.m.36 views

CVE-2020-24993

Technical details of CVE-2020-24993 are not publicly provided in the supplied documents. Monitor for updates from vendors and advisories; no specifics on affected components, exploit method, or fixes are given here.

5.4CVSS5.3AI score0.00503EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/05/17 6:44 p.m.35 views

CVE-2020-24992

CVE-2020-24992 affects CmsWing 1.3.7. The connected Red Hat/CNVD/CNNVD and CVE aggregations confirm a stored cross-site scripting (XSS) vulnerability that is triggered when an administrator accesses the content management module. The available descriptions consistently state the vulnerability typ...

5.4CVSS5.3AI score0.00505EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder