
5 matches found

NVD
added 2018/03/19 2:29 p.m., 19 views

CVE-2018-6842

Kentico 10 before 10.0.50 and 11 before 11.0.3 has XSS in which a crafted URL results in improper construction of a system page...

CVSS 5.4, AI score 5.3, EPSS 0.00618
Exploits: 0, References: 1

Cvelist
added 2018/03/19 2:0 p.m., 18 views

CVE-2018-6842

Kentico 10 before 10.0.50 and 11 before 11.0.3 has XSS in which a crafted URL results in improper construction of a system page...

AI score 5.3, EPSS 0.00618
Exploits: 0, References: 1

Cvelist
added 2018/03/19 2:0 p.m., 17 views

CVE-2018-6843

Kentico 10 before 10.0.50 and 11 before 11.0.3 has SQL injection in the administration interface...

AI score 7.5, EPSS 0.01156
Exploits: 0, References: 1

NVD
added 2018/02/20 3:29 p.m., 21 views

CVE-2018-7205

Reflected Cross-Site Scripting vulnerability in "Design" on "Edit device layout" in Kentico 9 through 11 allows remote attackers to execute malicious JavaScript via a malicious devicename parameter in a link that is entered via the "Pages - Edit template properties - Device Layouts - Create devic...

CVSS 4.8, AI score 5.2, EPSS 0.00846
Exploits: 3, References: 1

Prion
added 2018/02/20 3:29 p.m., 16 views

Remote code execution

DISPUTED Arbitrary code execution vulnerability in Kentico 9 through 11 allows remote authenticated users to execute arbitrary operating system commands in a dynamic .NET code evaluation context via C code in a "Pages - Edit - Template - Edit template properties - Layout" box. NOTE: the vendor ha...

CVSS 9, AI score 7.2, EPSS 0.05519
Exploits: 3, References: 1, Affected Software: 1