CVE-2024-42718

A path traversal vulnerability in Croogo CMS 4.0.7 allows remote attackers to read arbitrary files via a specially crafted path in the 'edit-file' parameter...

CVE-2024-42718

CVE-2024-42718 affects Croogo CMS 4.0.7 and is a path-traversal vulnerability that allows remote attackers to read arbitrary files via a crafted value in the edit-file parameter. The issue is documented across multiple feeds (Red Hat, CIRCL, OSV, NVD, etc.) with the same description. The CVE entr...

Croogo Cross-Site Scripting Vulnerability

Croogo is a content management system CMS based on the CakePHP framework development . The system provides content type can be customized for Blog, Node, Page, content editing using WYSIWYG editor and other features. A cross-site scripting vulnerability exists in Page name in Croogo version...

Croogo 2.0.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities

------------------------ XSS 1 -------- POST parameters: - dataContacttitle ------------------------ input type="hidden" name="dataTokenkey" value="2627e9e204ad6b878db...

Croogo CMS 1.3.4 - Multiple HTML Injection Vulnerabilities

Croogo CMS 1.3.4 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/53287/info Croogo CMS is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and scrip...

Croogo CMS 1.3.4 Cross Site Scripting

Title: ====== Croogo v1.3.4 CMS - Multiple Web Vulnerabilities Date: ===== 2012-04-28 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=533 VL-ID: ===== 533 Introduction: ============= A CakePHP powered Content Management System. Croogo is a free and open source content...

Croogo CMS 1.3.4 - Multiple HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/53287/info Croogo CMS is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser,...

Croogo v1.3.4 CMS - Multiple Web Vulnerabilities

Document Title: =============== Croogo v1.3.4 CMS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=533 Release Date: ============= 2012-04-28 Vulnerability Laboratory ID VL-ID: ==================================== 533 Produc...

Croogo v1.3.4 CMS - Multiple Web Vulnerabilities

Document Title: =============== Croogo v1.3.4 CMS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=533 Release Date: ============= 2012-04-28 Vulnerability Laboratory ID VL-ID: ==================================== 533 Produc...

Croogo CMS 1.2 Cross Site Scripting Vulnerabilities

Croogo CMS 1.2 Cross Site Scripting Vulnerabilities ========================================== Vulnerable Software: 1.2 and prior Release Date: 2010-03-06 Last Update: 2010-02-01 Critical: Low Impact: Session hijack Denial of service Code execution Solution Status: Webvuln has informed and...

Croogo CMS versions 1.2 Cross Site Scripting Vulnerabilities

Exploit for unknown platform in category web applications ============================================================ Croogo CMS versions 1.2 Cross Site Scripting Vulnerabilities ============================================================ Vulnerable Software: 1.2 and prior Release Date:...

Croogo CMS 1.2 Cross Site Scripting

Croogo CMS 1.2 Cross Site Scripting Vulnerabilities ========================================== Vulnerable Software: 1.2 and prior Release Date: 2010-03-06 Last Update: 2010-02-01 Critical: Low Impact: Session hijack Denial of service Code execution Solution Status: Webvuln has informed and...