Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:29 p.m.10 views

CVE-2021-3355

A stored-self XSS exists in LightCMS v1.3.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/SensitiveWords...

5.4CVSS6.1AI score0.0725EPSS
Exploits4References1
Packet Storm
Packet Storm
added 2021/02/26 12:0 a.m.197 views

LightCMS 1.3.4 Cross Site Scripting

Exploit Title: LightCMS 1.3.4 - 'exclusive' Stored XSS Date: 25/02/2021 Exploit Author: Peithon Vendor Homepage: https://github.com/eddy8/LightCMS Software Link: https://github.com/eddy8/LightCMS/releases/tag/v1.3.4 Version: 1.3.4 Tested on: latest version of Chrome, Firefox on Windows and Linux...

5.6AI score0.0725EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/02/26 12:0 a.m.181 views

LightCMS 1.3.4 - 'exclusive' Stored XSS

Exploit Title: LightCMS 1.3.4 - 'exclusive' Stored XSS Date: 25/02/2021 Exploit Author: Peithon Vendor Homepage: https://github.com/eddy8/LightCMS Software Link: https://github.com/eddy8/LightCMS/releases/tag/v1.3.4 Version: 1.3.4 Tested on: latest version of Chrome, Firefox on Windows and Linux...

5.4CVSS5.5AI score0.0725EPSS
Exploits4
Circl
Circl
added 2021/02/24 6:36 p.m.8 views

CVE-2021-3355

creationtimestamp| type| source ---|---|--- 2021-02-24 18:36:57+00:00| seen| https://t.me/cibsecurity/24080 2024-11-14 06:08:09+00:00| seen| MISP/6daef9d1-6e3b-4168-ac75-0660f673be22...

5.4CVSS5.5AI score0.0725EPSS
Exploits4References1
NVD
NVD
added 2021/02/24 3:15 p.m.33 views

CVE-2021-3355

A stored-self XSS exists in LightCMS v1.3.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/SensitiveWords...

5.4CVSS0.0725EPSS
Exploits4References4
Cvelist
Cvelist
added 2021/02/24 3:0 p.m.37 views

CVE-2021-3355

A stored-self XSS exists in LightCMS v1.3.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/SensitiveWords...

5.5AI score0.0725EPSS
Exploits4References4
CVE
CVE
added 2021/02/24 3:0 p.m.73 views

CVE-2021-3355

LightCMS v1.3.4 contains a stored-self XSS in the Title field used for Sensitive Words (to /admin/SensitiveWords). Exploitation involves injecting HTML/JavaScript into the vulnerable title, with PoC payloads available (e.g., from Exploit-DB). The issue is confirmed across multiple sources (NVD, C...

5.4CVSS5.3AI score0.0725EPSS
Exploits4References4Affected Software1
Rows per page
Query Builder