13 matches found
EUVD-2018-2197
Malware in sbrugna...
EUVD-2021-28057
Malicious code in bioql PyPI...
CVE-2021-40902
flatCore-CMS version 2.0.8 is affected by Cross Site Scripting XSS in the "Create New Page" option through the index page...
CVE-2021-40902
flatCore-CMS version 2.0.8 is affected by Cross Site Scripting XSS in the "Create New Page" option through the index page...
flatCore 跨站脚本漏洞
flatCore is a lightweight content management system CMS based on PHP and SQLite. A cross-site scripting vulnerability exists in flatCore version 2.0.8, which stems from a lack of checksum filtering of user-supplied and output data in the Create New Page option of the index page. An attacker can...
WeaselCMS Cross-Site Request Forgery Vulnerability
WeaselCMS is a lightweight content management system CMS written in PHP. A cross-site request forgery vulnerability exists in WeaselCMS version 0.3.5. A remote attacker can exploit this vulnerability to create a new page with index.php?b=pages&a=new URI...
CVE-2018-10118
Monstra CMS 3.0.4 has Stored XSS via the Name field on the Create New Page screen under the admin/index.php?id=pages URI, related to plugins/box/pages/pages.admin.php...
CVE-2018-10118
Monstra CMS 3.0.4 has Stored XSS via the Name field on the Create New Page screen under the admin/index.php?id=pages URI, related to plugins/box/pages/pages.admin.php...
Cross site scripting
Monstra CMS 3.0.4 has Stored XSS via the Name field on the Create New Page screen under the admin/index.php?id=pages URI, related to plugins/box/pages/pages.admin.php...
Monstra CMS Cross-Site Scripting Vulnerability (CNVD-2018-08254)
Monstra CMS is a lightweight PHP-based content management system CMS developed by Ukrainian software developer Sergey Romanenko. The system is easy to install and use, scalable and so on. A cross-site scripting vulnerability exists in Monstra CMS version 3.0.4. A remote attacker can exploit the...
CVE-2018-10118
Monstra CMS 3.0.4 has Stored XSS via the Name field on the Create New Page screen under the admin/index.php?id=pages URI, related to plugins/box/pages/pages.admin.php...
CVE-2018-10118
Monstra CMS 3.0.4 is affected by a Stored XSS in the Name field on the Create New Page screen (admin/index.php?id=pages), related to plugins/box/pages/pages.admin.php. This CVE details the vulnerable component path and the input point that leads to script execution. The connected data confirms th...
Cross site scripting
Cross-site scripting XSS vulnerability in the Create New Page form in razorCMS 0.3 RC2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the Page Title field...