Lucene search
K

6 matches found

CVE
CVE
added 2014/03/13 2:0 p.m.57 views

CVE-2013-3729

Kasseler CMS (before 2 r1232) suffers multiple CSRF vulnerabilities that can be exploited to perform SQL injection via admin.php. Specifically, CSRF can abuse the groups[] parameter in the send action (sendmail module) or the query parameter in the sql_query action (database module), enabling rem...

6.8CVSS8AI score0.01256EPSS
Exploits5References6Affected Software1
securityvulns
securityvulns
added 2013/07/15 12:0 a.m.97 views

Multiple Vulnerabilities in Kasseler CMS

Advisory ID: HTB23158 Product: Kasseler CMS Vendor: Kasseler CMS Vulnerable Versions: 2 r1223 and probably prior Tested Version: 2 r1223 Vendor Notification: May 29, 2013 Vendor Patch: June 28, 2013 Public Disclosure: July 3, 2013 Vulnerability Type: SQL Injection CWE-89, Cross-Site Scripting...

7.5CVSS0.3AI score0.02976EPSS
Exploits7
exploitpack
exploitpack
added 2013/07/05 12:0 a.m.50 views

Kasseler CMS 2 r1223 - Multiple Vulnerabilities

Kasseler CMS 2 r1223 - Multiple Vulnerabilities Advisory ID: HTB23158 Product: Kasseler CMS Vendor: Kasseler CMS Vulnerable Versions: 2 r1223 and probably prior Tested Version: 2 r1223 Vendor Notification: May 29, 2013 Vendor Patch: June 28, 2013 Public Disclosure: July 3, 2013 Vulnerability Type...

7.5CVSS0.4AI score0.02976EPSS
Exploits7
Exploit DB
Exploit DB
added 2013/07/05 12:0 a.m.57 views

Kasseler CMS 2 r1223 - Multiple Vulnerabilities

Advisory ID: HTB23158 Product: Kasseler CMS Vendor: Kasseler CMS Vulnerable Versions: 2 r1223 and probably prior Tested Version: 2 r1223 Vendor Notification: May 29, 2013 Vendor Patch: June 28, 2013 Public Disclosure: July 3, 2013 Vulnerability Type: SQL Injection CWE-89, Cross-Site Scripting...

7.5CVSS7AI score0.02976EPSS
Exploits7
0day.today
0day.today
added 2013/07/03 12:0 a.m.74 views

Kasseler CMS 2 r1223 CSRF / XSS / SQL Injection Vulnerabilities

Kasseler CMS version 2 r1223 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. Vendor: Kasseler CMS Vulnerable Versions: 2 r1223 and probably prior Tested Version: 2 r1223 Vendor Notification: May 29, 2013 Vendor Patch: June 28, 2013 Public...

7.5CVSS7.6AI score0.02976EPSS
Exploits7
Packet Storm
Packet Storm
added 2013/07/03 12:0 a.m.62 views

Kasseler CMS 2 r1223 CSRF / XSS / SQL Injection

Advisory ID: HTB23158 Product: Kasseler CMS Vendor: Kasseler CMS Vulnerable Versions: 2 r1223 and probably prior Tested Version: 2 r1223 Vendor Notification: May 29, 2013 Vendor Patch: June 28, 2013 Public Disclosure: July 3, 2013 Vulnerability Type: SQL Injection CWE-89, Cross-Site Scripting...

7.5CVSS0.7AI score0.02976EPSS
Exploits7
Rows per page
Query Builder