Lucene search
K

92 matches found

GithubExploit
GithubExploit
added 2024/08/26 6:32 a.m.74 views

Exploit for CVE-2024-41312

CVE-2024-41312. InstantCMS - Stored Cross Site Scripting XSS...

9.1AI score
Exploits1
Positive Technologies
Positive Technologies
added 2024/08/26 12:0 a.m.6 views

PT-2024-29357 · Unknown · Instantcms

Name of the Vulnerable Software and Affected Versions: InstantCMS affected versions not specified Description: The issue is related to Stored Cross Site Scripting XSS. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...

6.3AI score
Exploits1References1
CVE
CVE
added 2024/04/05 2:43 p.m.53 views

CVE-2024-31213

CVE-2024-31213 describes an open redirect in InstantCMS ICMS2 (version 2.16.2) occurring after a user modifies their profile. An attacker could lure a victim to visit a malicious site that imitates the ICMS2 flow and prompts for the user’s password, which could be sent to the attacker. The CVE no...

5.4CVSS4AI score0.00399EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/05 2:43 p.m.20 views

CVE-2024-31213 InstantCMS Open Redirect vulnerability

InstantCMS is a free and open source content management system. An open redirect was found in the ICMS2 application version 2.16.2 when being redirected after modifying one's own user profile. An attacker could trick a victim into visiting their web application, thinking they are still present on...

3.5CVSS7AI score0.00399EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/04/05 2:43 p.m.27 views

CVE-2024-31213 InstantCMS Open Redirect vulnerability

InstantCMS is a free and open source content management system. An open redirect was found in the ICMS2 application version 2.16.2 when being redirected after modifying one's own user profile. An attacker could trick a victim into visiting their web application, thinking they are still present on...

3.5CVSS4.5AI score0.00399EPSS
Exploits1References1
OSV
OSV
added 2024/04/05 2:43 p.m.9 views

CVE-2024-31213 InstantCMS Open Redirect vulnerability

InstantCMS is a free and open source content management system. An open redirect was found in the ICMS2 application version 2.16.2 when being redirected after modifying one's own user profile. An attacker could trick a victim into visiting their web application, thinking they are still present on...

3.5CVSS6.8AI score0.00399EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/04/05 12:0 a.m.4 views

PT-2024-23856 · Unknown · Instantcms

Name of the Vulnerable Software and Affected Versions: InstantCMS version 2.16.2 Description: An open redirect was found in the ICMS2 application when being redirected after modifying one's own user profile. An attacker could trick a victim into visiting their web application, thinking they are...

5.4CVSS7.1AI score0.00399EPSS
Exploits1References8
NVD
NVD
added 2024/04/04 11:15 p.m.13 views

CVE-2024-31212

InstantCMS is a free and open source content management system. A SQL injection vulnerability affects instantcms v2.16.2 in which an attacker with administrative privileges can cause the application to execute unauthorized SQL code. The vulnerability exists in indexchartdata action, which receive...

7.2CVSS6.8AI score0.00854EPSS
Exploits1References4
CVE
CVE
added 2024/04/04 11:2 p.m.61 views

CVE-2024-31212

CVE-2024-31212 affects InstantCMS v2.16.2 in the index_chart_data action. The vulnerability arises from unsanitized user input passed to the core model’s filterFunc, which is embedded into an SQL statement, allowing an attacker with administrative privileges to inject SQL code. The vulnerable inp...

7.2CVSS6.8AI score0.00854EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/04 11:2 p.m.16 views

CVE-2024-31212 SQL injection in index_chart_data action

InstantCMS is a free and open source content management system. A SQL injection vulnerability affects instantcms v2.16.2 in which an attacker with administrative privileges can cause the application to execute unauthorized SQL code. The vulnerability exists in indexchartdata action, which receive...

6.7CVSS8.3AI score0.00854EPSS
Exploits1References4
OSV
OSV
added 2024/04/04 11:2 p.m.15 views

CVE-2024-31212 SQL injection in index_chart_data action

InstantCMS is a free and open source content management system. A SQL injection vulnerability affects instantcms v2.16.2 in which an attacker with administrative privileges can cause the application to execute unauthorized SQL code. The vulnerability exists in indexchartdata action, which receive...

6.7CVSS8.2AI score0.00854EPSS
Exploits1References6
Cvelist
Cvelist
added 2024/04/04 11:2 p.m.25 views

CVE-2024-31212 SQL injection in index_chart_data action

InstantCMS is a free and open source content management system. A SQL injection vulnerability affects instantcms v2.16.2 in which an attacker with administrative privileges can cause the application to execute unauthorized SQL code. The vulnerability exists in indexchartdata action, which receive...

6.7CVSS7.1AI score0.00854EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/04/04 12:0 a.m.5 views

InstantCMS 安全漏洞

InstantCMS is a free open source CMS from instantSoft open source. A security vulnerability exists in InstantCMS version v2.16.2, which stems from a SQL injection vulnerability in indexchartdata...

7.2CVSS7.9AI score0.00854EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2024/02/19 12:0 a.m.267 views

InstantCMS 2.16.1 Cross Site Scripting

Exploit Title: InstantCMS - Store XSS Application: InstantCMS Version: v2.16.1 Bugs: Stored XSS Technology: PHP Vendor Homepage: https://instantcms.ru/ Software Link: https://instantcms.ru/get Date: 14.09.2023 Author: SoSPiro Tested on: Windows Description I noticed that you filtered the filter...

7.4AI score
Exploits0
NVD
NVD
added 2018/07/18 3:29 p.m.12 views

CVE-2018-14382

InstantCMS 2.10.1 has /redirect?url= XSS...

6.1CVSS6.3AI score0.00865EPSS
Exploits1References1
Prion
Prion
added 2018/07/18 3:29 p.m.12 views

Cross site scripting

InstantCMS 2.10.1 has /redirect?url= XSS...

4.3CVSS6.3AI score0.00865EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/07/18 3:29 p.m.12 views

CVE-2018-14382

InstantCMS 2.10.1 has /redirect?url= XSS...

6.1CVSS6.9AI score
Exploits0References1
Cvelist
Cvelist
added 2018/07/18 3:0 p.m.16 views

CVE-2018-14382

InstantCMS 2.10.1 has /redirect?url= XSS...

6.4AI score0.00865EPSS
Exploits1References1
CVE
CVE
added 2018/07/18 3:0 p.m.50 views

CVE-2018-14382

CVE-2018-14382 affects InstantCMS 2.10.1 with a reflected XSS via the path /redirect?url= . The CVE record notes an injection in this redirect parameter; CVSS v2 base score 4.3 (MEDIUM) and CVSS v3 base score 6.1 (MEDIUM). Exploitation details are not described beyond the vulnerability type in th...

6.1CVSS6.3AI score0.00865EPSS
Exploits1References1Affected Software1
Openbugbounty
Openbugbounty
added 2016/01/03 1:10 a.m.16 views

instantcms.ru Open Redirect vulnerability

Vulnerable URL: http://www.instantcms.ru/go/url=http://xssposed.org/ Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 11:53 GMT Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 35958 Google Pagerank| 4 VIP...

6.9AI score
Exploits0
Rows per page
Query Builder