10 matches found
EUVD-2020-13457
Malware in sbrugna...
CVE-2020-20522
Cross Site Scripting vulnerability found in KiteCMS v.1.1 allows a remote attacker to execute arbitrary code via the registering user parameter...
Cross site scripting
Cross Site Scripting vulnerability found in KiteCMS v.1.1 allows a remote attacker to execute arbitrary code via the comment parameter...
CVE-2020-20672
An arbitrary file upload vulnerability in /admin/upload/uploadfile of KiteCMS V1.1 allows attackers to getshell via a crafted PHP file...
CVE-2020-20671
A cross-site request forgery CSRF in KiteCMS V1.1 allows attackers to arbitrarily add an administrator account...
CVE-2020-20672
An arbitrary file upload vulnerability in /admin/upload/uploadfile of KiteCMS V1.1 allows attackers to getshell via a crafted PHP file...
Cross site request forgery (csrf)
A cross-site request forgery CSRF in KiteCMS V1.1 allows attackers to arbitrarily add an administrator account...
CVE-2020-20672
KiteCMS v1.1 contains an arbitrary file upload vulnerability in /admin/upload/uploadfile that allows an attacker to getshell by uploading a crafted PHP file. Multiple sources (NVD/CVE, CNVD, Red Hat advisories, OSV, CVE lists) corroborate the flaw as an arbitrary file upload in KiteCMS with impac...
CVE-2020-20671
CVE-2020-20671 describes a cross-site request forgery (CSRF) in KiteCMS v1.1 that allows an attacker to arbitrarily add an administrator account. The connected records confirm the affected product/version and the attack class, but do not provide technical details beyond the CSRF vulnerability and...
CVE-2020-20671
A cross-site request forgery CSRF in KiteCMS V1.1 allows attackers to arbitrarily add an administrator account...