CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

securityvulns•added 2014/10/14 12:0 a.m.•74 views

Reflected Cross-Site Scripting (XSS) in BlackCat CMS

Advisory ID: HTB23228 Product: BlackCat CMS Vendor: Black Cat Development Vulnerable Versions: 1.0.3 and probably prior Tested Version: 1.0.3 Advisory Publication: August 13, 2014 without technical details Vendor Notification: August 13, 2014 Vendor Patch: August 13, 2014 Public Disclosure:...

4.3CVSS6.4AI score0.00421EPSS

Exploits3

CVE•added 2014/09/12 2:0 p.m.•32 views

CVE-2014-5259

CVE-2014-5259 is a reflected XSS in BlackCat CMS up to version 1.0.3, caused by insufficient sanitization of the GET parameter “msg” passed to /modules/lib_jquery/plugins/cattranslate/cattranslate.php. A remote attacker can entice a logged-in user to open a crafted link and execute arbitrary HTML...

4.3CVSS5.8AI score0.00421EPSS

Exploits3References6Affected Software1

Cvelist•added 2014/09/12 2:0 p.m.•17 views

CVE-2014-5259

Cross-site scripting XSS vulnerability in cattranslate.php in the CatTranslate JQuery plugin in BlackCat CMS 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter...

5.6AI score0.00421EPSS

Exploits3References6

0day.today•added 2014/09/04 12:0 a.m.•34 views

BlackCat CMS 1.0.3 Cross Site Scripting Vulnerability

BlackCat CMS version 1.0.3 suffers from a cross site scripting vulnerability. Product: BlackCat CMS Vendor: Black Cat Development Vulnerable Versions: 1.0.3 and probably prior Tested Version: 1.0.3 Advisory Publication: August 13, 2014 without technical details Vendor Notification: August 13, 201...

4.3CVSS6.2AI score0.00421EPSS

Exploits3