Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:15 a.m.6 views

CVE-2023-22438

Cross-site scripting vulnerability in Contents Management of EC-CUBE 4 series EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0, EC-CUBE 3 series EC-CUBE 3.0.0 to 3.0.18-p5, and EC-CUBE 2 series EC-CUBE 2.11.0 to 2.11.5, EC-CUBE 2.12.0 to 2.12.6, EC-CUBE 2.13.0 to 2.13.5, an...

5.4CVSS6.5AI score0.00692EPSS
Exploits0References1
NVD
NVD
added 2023/03/06 12:15 a.m.18 views

CVE-2023-22438

Cross-site scripting vulnerability in Contents Management of EC-CUBE 4 series EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0, EC-CUBE 3 series EC-CUBE 3.0.0 to 3.0.18-p5, and EC-CUBE 2 series EC-CUBE 2.11.0 to 2.11.5, EC-CUBE 2.12.0 to 2.12.6, EC-CUBE 2.13.0 to 2.13.5, an...

5.4CVSS5.2AI score0.00692EPSS
Exploits0References4
OSV
OSV
added 2023/03/06 12:15 a.m.24 views

CVE-2023-22438

Cross-site scripting vulnerability in Contents Management of EC-CUBE 4 series EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0, EC-CUBE 3 series EC-CUBE 3.0.0 to 3.0.18-p5, and EC-CUBE 2 series EC-CUBE 2.11.0 to 2.11.5, EC-CUBE 2.12.0 to 2.12.6, EC-CUBE 2.13.0 to 2.13.5, an...

5.4CVSS6.5AI score
Exploits0References4
Prion
Prion
added 2023/03/06 12:15 a.m.22 views

Cross site scripting

Cross-site scripting vulnerability in Contents Management of EC-CUBE 4 series EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0, EC-CUBE 3 series EC-CUBE 3.0.0 to 3.0.18-p5, and EC-CUBE 2 series EC-CUBE 2.11.0 to 2.11.5, EC-CUBE 2.12.0 to 2.12.6, EC-CUBE 2.13.0 to 2.13.5, an...

4.9CVSS5.2AI score0.00692EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/05 12:0 a.m.6 views

CVE-2023-22438

Cross-site scripting vulnerability in Contents Management of EC-CUBE 4 series EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0, EC-CUBE 3 series EC-CUBE 3.0.0 to 3.0.18-p5, and EC-CUBE 2 series EC-CUBE 2.11.0 to 2.11.5, EC-CUBE 2.12.0 to 2.12.6, EC-CUBE 2.13.0 to 2.13.5, an...

5.5AI score0.00692EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/02/28 7:38 a.m.3 views

Multiple cross-site scripting vulnerabilities in EC-CUBE

Overview EC-CUBE provided by EC-CUBE CO.,LTD. contains multiple cross-site scripting vulnerabilities listed below. Cross-site scripting vulnerability in Contents Management CWE-79 - CVE-2023-22438 Cross-site scripting vulnerability in Authentication Key Settings CWE-79 - CVE-2023-25077 Cross-site...

5.4CVSS6.4AI score0.00692EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/10/09 12:0 a.m.27 views

JVN#84982142: Pref Shimane CMS vulnerable to SQL injection

Pref Shimane CMS is an open-source Contents Management System CMS. Pref Shimane CMS contains an SQL injection vulnerability. Impact A logged in attacker may execute arbitrary SQL statements. Solution Update the Software Update to the latest version according to the information provided by the...

6.5CVSS7.6AI score0.01711EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2012/05/15 12:0 a.m.33 views

JVN#53465692: baserCMS vulnerable to session management

baserCMS is an open-source Contents Management System CMS. baserCMS contains a vulnerability in session management. Impact If a web server is hosting several websites, and baserCMS are installed on the respective websites, an administrator of a baserCMS can access baserCMS instance of the other...

5.1CVSS6.2AI score0.02699EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/04/02 12:0 a.m.30 views

JVN#60969543 HL-SiteManager vulnerable to SQL injection

HL-SiteManager from Heartlogic is a contents management system CMS software. HL-SiteManager contains a SQL injection vulnerability. Impact A remote attacker may view or modify information stored by the product. Solution Do not use HL-SiteManager As patches will not be provided, users are...

7.5CVSS6.9AI score0.01063EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/06/19 12:0 a.m.32 views

JVN#12244807 Cross-site scripting vulnerability in PukiWikiMod from XOOPS Maniac

PukiWikiMod from XOOPS Maniac is a contents management software for XOOPS. PukiWikiMod contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to latest version according to the information provided b...

4.3CVSS5.9AI score0.01223EPSS
Exploits0
Rows per page
Query Builder