82 matches found
CVE-2023-6303
A vulnerability was found in CSZCMS 1.3.0. It has been classified as problematic. This affects an unknown part of the file /admin/settings/ of the component Site Settings Page. The manipulation of the argument Additional Meta Tag with the input leads to cross site scripting. It is possible to...
CVE-2023-6303
A vulnerability was found in CSZCMS 1.3.0. It has been classified as problematic. This affects an unknown part of the file /admin/settings/ of the component Site Settings Page. The manipulation of the argument Additional Meta Tag with the input leads to cross site scripting. It is possible to...
CVE-2023-6302
A vulnerability was found in CSZCMS 1.3.0 and classified as critical. Affected by this issue is some unknown functionality of the file \views\templates of the component File Manager Page. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been...
CVE-2023-6302
A vulnerability was found in CSZCMS 1.3.0 and classified as critical. Affected by this issue is some unknown functionality of the file \views\templates of the component File Manager Page. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been...
Design/Logic Flaw
A vulnerability was found in CSZCMS 1.3.0 and classified as critical. Affected by this issue is some unknown functionality of the file \views\templates of the component File Manager Page. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been...
Cross site scripting
A vulnerability was found in CSZCMS 1.3.0. It has been classified as problematic. This affects an unknown part of the file /admin/settings/ of the component Site Settings Page. The manipulation of the argument Additional Meta Tag with the input leads to cross site scripting. It is possible to...
CVE-2023-6303
CSZCMS 1.3.0 contains an XSS in the Site Settings Page, specifically /admin/settings/, triggered by manipulating the Additional Meta Tag with the payload . The vulnerability is remotely exploitable and details have been publicly disclosed (VDB-246129). Several connected sources confirm the affect...
CVE-2023-6303 CSZCMS Site Settings Page cross site scripting
A vulnerability was found in CSZCMS 1.3.0. It has been classified as problematic. This affects an unknown part of the file /admin/settings/ of the component Site Settings Page. The manipulation of the argument Additional Meta Tag with the input leads to cross site scripting. It is possible to...
CVE-2023-6302 CSZCMS File Manager Page templates permission
A vulnerability was found in CSZCMS 1.3.0 and classified as critical. Affected by this issue is some unknown functionality of the file \views\templates of the component File Manager Page. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been...
CVE-2023-6302 CSZCMS File Manager Page templates permission
A vulnerability was found in CSZCMS 1.3.0 and classified as critical. Affected by this issue is some unknown functionality of the file \views\templates of the component File Manager Page. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been...
CVE-2023-6302
CSZCMS 1.3.0 has a vulnerability in the File Manager Page templates (viewstemplates) that allows permission issues. The root cause is tied to unknown functionality in the affected templates, enabling remote exploitation with publicly disclosed exploit details. Multiple sources (NVD, CVE records a...
PT-2023-32603 · Csz Cms · Csz Cms
Name of the Vulnerable Software and Affected Versions: CSZCMS version 1.3.0 Description: A problematic issue has been found, affecting the Site Settings Page component, specifically the /admin/settings/ part of the file. The manipulation of the Additional Meta Tag argument with the input leads to...
CSZCMS License Issue Vulnerability
CSZCMS is an open source web application that allows managing all content and settings on a website. An authorization issue vulnerability exists in CSZCMS version 1.3.0, which stems from an unknown function in the file view template in the component File Manager Page, resulting in a permissions...
CSZCMS Cross-Site Scripting Vulnerability
CSZCMS is an open source web application that allows managing all content and settings on a website. A cross-site scripting vulnerability exists in CSZCMS version 1.3.0, which stems from a cross-site scripting XSS vulnerability in the file /admin/settings/ of the component Site Settings Page...
CVE-2023-41436
Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...
CVE-2023-41436
Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...
CVE-2023-41436
Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...
Cross site scripting
Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...
CVE-2023-41436
CVE-2023-41436 (CSZCMS v1.3.0) is a Cross Site Scripting vulnerability where a crafted input in the Additional Meta Tag field of the Pages Content Menu component enables a local attacker to execute arbitrary code in the context of the web application. The NVD entry lists a CVSS v3.1 base score of...
CVE-2023-41436
Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...