6 matches found
CVE-2013-3728
CVE-2013-3728 affects Kasseler CMS prior to 2 r1232. The connected sources document three vulnerabilities in Kasseler CMS: stored XSS via the cat parameter in admin.php (admin_new_category action), general XSS, and CSRF allowing SQL execution. Specifically, remote authenticated users with categor...
Multiple Vulnerabilities in Kasseler CMS
Advisory ID: HTB23158 Product: Kasseler CMS Vendor: Kasseler CMS Vulnerable Versions: 2 r1223 and probably prior Tested Version: 2 r1223 Vendor Notification: May 29, 2013 Vendor Patch: June 28, 2013 Public Disclosure: July 3, 2013 Vulnerability Type: SQL Injection CWE-89, Cross-Site Scripting...
Kasseler CMS 2 r1223 - Multiple Vulnerabilities
Kasseler CMS 2 r1223 - Multiple Vulnerabilities Advisory ID: HTB23158 Product: Kasseler CMS Vendor: Kasseler CMS Vulnerable Versions: 2 r1223 and probably prior Tested Version: 2 r1223 Vendor Notification: May 29, 2013 Vendor Patch: June 28, 2013 Public Disclosure: July 3, 2013 Vulnerability Type...
Kasseler CMS 2 r1223 - Multiple Vulnerabilities
Advisory ID: HTB23158 Product: Kasseler CMS Vendor: Kasseler CMS Vulnerable Versions: 2 r1223 and probably prior Tested Version: 2 r1223 Vendor Notification: May 29, 2013 Vendor Patch: June 28, 2013 Public Disclosure: July 3, 2013 Vulnerability Type: SQL Injection CWE-89, Cross-Site Scripting...
Kasseler CMS 2 r1223 CSRF / XSS / SQL Injection Vulnerabilities
Kasseler CMS version 2 r1223 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. Vendor: Kasseler CMS Vulnerable Versions: 2 r1223 and probably prior Tested Version: 2 r1223 Vendor Notification: May 29, 2013 Vendor Patch: June 28, 2013 Public...
Kasseler CMS 2 r1223 CSRF / XSS / SQL Injection
Advisory ID: HTB23158 Product: Kasseler CMS Vendor: Kasseler CMS Vulnerable Versions: 2 r1223 and probably prior Tested Version: 2 r1223 Vendor Notification: May 29, 2013 Vendor Patch: June 28, 2013 Public Disclosure: July 3, 2013 Vulnerability Type: SQL Injection CWE-89, Cross-Site Scripting...