4 matches found
Alkacon OpenCMS 10.5.x - Cross-Site Scripting Vulnerability
Exploit for multiple platform in category web applications Exploit Title: Alkacon OpenCMS 10.5.x - Multiple XSS in Apollo Template Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/apollo-template Version: 10.5.x Tested on: 10.5.5 / 10.5.4 CVE...
Alkacon OpenCMS 10.5.x Cross Site Scripting
Exploit Title: Alkacon OpenCMS 10.5.x - Multiple XSS in Apollo Template Google Dork: N/A Date: 18/07/2019 Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/apollo-template Version: 10.5.x Tested on: 10.5.5 / 10.5.4 CVE : CVE-2019-13234,...
Alkacon OpenCMS 10.5.x - Cross-Site Scripting
Exploit Title: Alkacon OpenCMS 10.5.x - Multiple XSS in Apollo Template Google Dork: N/A Date: 18/07/2019 Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/apollo-template Version: 10.5.x Tested on: 10.5.5 / 10.5.4 CVE : CVE-2019-13234,...
CVE-2019-13235
CVE-2019-13235 affects Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, with a Cross-Site Scripting (XSS) flaw in the login form. Public sources describe the vulnerability as an XSS in the login workflow, with PoCs showing injection potentially via headers like X-Forwarded-For. NVD metrics list...