15 matches found

Veracode
added 2022/03/04 6:27 a.m. | 20 views

Cross-site Scripting (XSS)

genix/cms is vulnerable to cross-site scripting. An attacker can inject a malicious script into "/gxadmin/index.php?page=themes=options" via the introtitle and introimage parameters, causing the malicious script to execute upon a user's visit...

CVSS: 5.4 | AI score: 5.2 | EPSS: 0.00379
Exploits: 1 | References: 3 | Affected Software: 1

Veracode
added 2020/03/05 6:52 a.m. | 12 views

Cross-Site Request Forgery (CSRF)

genix/cms is vulnerable to cross-site request forgery (CSRF). An improper fix for a previous vulnerability, CVE-2015-2680, allows an attacker with any valid anti-CSRF token to perform a CSRF attack on another user and submit requests on behalf of the user...

CVSS: 8.8 | AI score: 3.6 | EPSS: 0.03005
Exploits: 3 | References: 1 | Affected Software: 1

Veracode
added 2018/04/27 2:19 a.m. | 14 views

Cross-Site Scripting (XSS)

genix/cms is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists because the menuid parameter is not escaped properly, allowing authenticated users to inject arbitrary code into it and launch XSS attacks...

CVSS: 4.8 | AI score: 5 | EPSS: 0.00171
Exploits: 1 | References: 2 | Affected Software: 1

Veracode
added 2017/10/02 10:55 a.m. | 15 views

Cross-site Scripting (XSS)

genix/cms is vulnerable to cross-site scripting (XSS) attacks. The library does not properly sanitize the Menu ID field in inc/lib/Control/Backend/menus.control.php, allowing a malicious user to inject and execute arbitrary web script through a page=menus request...

CVSS: 6.1 | AI score: 5.9 | EPSS: 0.0024
Exploits: 1 | References: 3 | Affected Software: 1

Veracode
added 2017/10/02 10:50 a.m. | 18 views

Cross-site Scripting (XSS)

genix/cms is vulnerable to cross-site scripting (XSS) attacks. The library does not properly sanitize the id field in /inc/lib/backend/menus.control.php, allowing a malicious user to inject and execute arbitrary web script...

CVSS: 6.1 | AI score: 5.9 | EPSS: 0.0024
Exploits: 1 | References: 3 | Affected Software: 1

Veracode
added 2017/10/02 4:14 a.m. | 17 views

Remote Code Execution (RCE)

genix/cms is vulnerable to remote code execution (RCE) attacks. A malicious user can upload a module zip file containing arbitrary PHP code that executes arbitrary commands when extracted by the application...

CVSS: 8.8 | AI score: 9.2 | EPSS: 0.00829
Exploits: 1 | References: 3 | Affected Software: 1

Veracode
added 2017/09/25 4:19 p.m. | 13 views

Remote Code Execution (RCE)

genix/cms is vulnerable to remote code execution (RCE) attacks. A malicious user can upload a theme zip file containing arbitrary PHP code that executes arbitrary commands when extracted by the application...

CVSS: 8.8 | AI score: 9.2 | EPSS: 0.00701
Exploits: 1 | References: 3 | Affected Software: 1

Veracode
added 2017/09/25 2:32 p.m. | 18 views

Cross-site Scripting (XSS)

genix/cms is vulnerable to cross-site scripting (XSS) attacks. The library does not properly sanitize the id field in inc/lib/Control/Backend/menus.control.php, allowing a malicious user to inject and execute arbitrary web script...

CVSS: 6.1 | AI score: 5.9 | EPSS: 0.0024
Exploits: 1 | References: 3 | Affected Software: 1

Veracode
added 2017/09/11 4:13 a.m. | 18 views

Denial Of Service (DoS)

genix/cms is vulnerable to denial of service (DoS) attacks. A malicious user can attempt to register with a pre-existing username by appending the...

CVSS: 5.3 | AI score: 5.3 | EPSS: 0.00608
Exploits: 1 | References: 2 | Affected Software: 1

Veracode
added 2017/08/23 6:11 a.m. | 8 views

SQL Injection Via Mailbox

genix/cms is susceptible to SQL injection attacks. The vulnerability is possible because it allows attackers to register a new user with a chosen ID using a request such as register.php?act=edit=1...

AI score: 8.1
Exploits: 0

Veracode
added 2017/08/23 6:5 a.m. | 5 views

SQL Injection

genix/cms is vulnerable to SQL injection. The attacker can trigger the attack because menus.control.php does not filter the user input to menuid...

AI score: 7.8
Exploits: 0

Veracode
added 2017/08/23 5:23 a.m. | 6 views

Arbitrary User Password Reset

genix/cms is vulnerable to arbitrary user password reset. The password reset request can be sent any number of times by anyone, leading to the unavailability of an account for the real user...

AI score: 7.1
Exploits: 0

Veracode
added 2017/05/30 5:44 a.m. | 15 views

AlertDanger Protection Bypass

genix/cms is vulnerable to alertDanger protection bypass. It is possible to bypass the alertDanger MSGUSEREMAILEXIST protection mechanism via a register.php?act=edit=1 request...

CVSS: 5.3 | AI score: 6.7 | EPSS: 0.00429
Exploits: 1 | References: 2 | Affected Software: 1

Veracode
added 2017/05/23 2:58 a.m. | 10 views

SQL Injection

genix/cms is vulnerable to SQL injection attacks. The vulnerability exists because it does not filter the user-supplied order parameter given to the updateMenuOrder function in inc/lib/Control/Backend/menus.control.php, which uses it in an SQL query...

CVSS: 8.8 | AI score: 9.2 | EPSS: 0.00344
Exploits: 0 | References: 2 | Affected Software: 1

CNVD
added 2017/01/16 12:0 a.m. | 1 view

MetalGenix GeniXCMS SQL Injection Vulnerability (CNVD-2017-00558)

MetalGenix GeniXCMS is a PHP-based content management system and framework (CMSF) from MetalGenix Indonesia, which provides modules for user management, content management and menu management. A SQL injection vulnerability exists in the inc/lib/Control/Backend/posts.control.php file in MetalGenix...

CVSS: 7.2 | AI score: 7.8 | EPSS: 0.0108
Exploits: 1 | References: 1