Lucene search
K

4 matches found

0day.today
0day.today
added 2019/09/02 12:0 a.m.75 views

Alkacon OpenCMS 10.5.x - Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Alkacon OpenCMS 10.5.x - Multiple XSS in Apollo Template Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/apollo-template Version: 10.5.x Tested on: 10.5.5 / 10.5.4 CVE...

4.3CVSS6.3AI score0.02904EPSS
Exploits6
Packet Storm
Packet Storm
added 2019/09/02 12:0 a.m.314 views

Alkacon OpenCMS 10.5.x Cross Site Scripting

Exploit Title: Alkacon OpenCMS 10.5.x - Multiple XSS in Apollo Template Google Dork: N/A Date: 18/07/2019 Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/apollo-template Version: 10.5.x Tested on: 10.5.5 / 10.5.4 CVE : CVE-2019-13234,...

4.3CVSS6.2AI score0.02904EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.261 views

Alkacon OpenCMS 10.5.x - Cross-Site Scripting

Exploit Title: Alkacon OpenCMS 10.5.x - Multiple XSS in Apollo Template Google Dork: N/A Date: 18/07/2019 Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/apollo-template Version: 10.5.x Tested on: 10.5.5 / 10.5.4 CVE : CVE-2019-13234,...

6.1CVSS6.5AI score0.02904EPSS
Exploits6
CVE
CVE
added 2019/08/27 11:6 a.m.108 views

CVE-2019-13235

CVE-2019-13235 affects Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, with a Cross-Site Scripting (XSS) flaw in the login form. Public sources describe the vulnerability as an XSS in the login workflow, with PoCs showing injection potentially via headers like X-Forwarded-For. NVD metrics list...

6.1CVSS5.8AI score0.02904EPSS
Exploits5References3Affected Software1
Rows per page
Query Builder