2 matches found
CVE-2019-18883
CVE-2019-18883 is a stored XSS in Lavalite CMS version 5.7, exploitable via the admin/profile name or designation field. The root cause is a vulnerability in Lavalite’s web application code that allows injection of JavaScript into profile fields (as demonstrated by the historical exploit examples...
LavaLite CMS 5.7 Cross Site Scripting
Exploit Title: LavaLite CMS - 5.7 - Cross-Site Scripting Date: 09-10-2019 Exploit Author: Ismail Tasdelen Vendor Homepage: https://lavalite.org/ Software Link : https://github.com/LavaLite/cms Software : LavaLite CMS - v 5.7 Version : v 5.7 Vulernability Type : Cross-site Scripting Vulenrability ...