Lucene search
+L

4 matches found

Packet Storm
Packet Storm
added 2021/08/05 12:0 a.m.266 views

CMSuno 1.7 Cross Site Scripting

Exploit Title: CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting XSS Authenticated Date: 03-08-2021 Exploit Author: splint3rsec Vendor Homepage: https://github.com/boiteasite Software Link: https://github.com/boiteasite/cmsuno Affected Versions: CMSuno 1.7 and prior CVE : CVE-2021-36654 CMSuno versi...

5.6AI score0.01936EPSS
Exploits4
0day.today
0day.today
added 2021/08/05 12:0 a.m.159 views

CMSuno 1.7 - (tgo) Stored Cross-Site Scripting (Authenticated) Vulnerability

Exploit Title: CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting XSS Authenticated Exploit Author: splint3rsec Vendor Homepage: https://github.com/boiteasite Software Link: https://github.com/boiteasite/cmsuno Affected Versions: CMSuno 1.7 and prior CVE : CVE-2021-36654 CMSuno version 1.7 and prior ...

5.4CVSS5.6AI score0.01936EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/08/05 12:0 a.m.296 views

CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting XSS Authenticated Date: 03-08-2021 Exploit Author: splint3rsec Vendor Homepage: https://github.com/boiteasite Software Link: https://github.com/boiteasite/cmsuno Affected Versions: CMSuno 1.7 and prior CVE : CVE-2021-36654 CMSuno versi...

5.4CVSS5.5AI score0.01936EPSS
Exploits4
CVE
CVE
added 2021/08/03 5:47 p.m.100 views

CVE-2021-36654

CMSuno 1.7 (and earlier) is affected by an authenticated stored cross-site scripting (XSS) vulnerability. The flaw occurs in the theme update flow when the attacker can modify the filename parameter (tgo) during a template image name submission, injecting payloads via the tgo parameter to trigger...

5.4CVSS5.1AI score0.01936EPSS
Exploits4References2Affected Software1
Rows per page
Query Builder