25 matches found
EUVD-2020-14206
Malware in sbrugna...
EUVD-2020-14159
Malware in sbrugna...
EUVD-2018-4092
Malware in sbrugna...
EUVD-2020-14158
Malware in sbrugna...
CVE-2020-21386
A Cross-Site Request Forgery CSRF in the component admin.php/admin/type/info.html of Maccms 10 allows attackers to gain administrator privileges...
CVE-2020-21387
A cross-site scripting XSS vulnerability in the parameter typeen of Maccms 10 allows attackers to obtain the administrator cookie and escalate privileges via a crafted payload...
CVE-2020-21434
Maccms 10 contains a cross-site scripting XSS vulnerability in the Editing function under the Member module. This vulnerability is exploited via a crafted payload in the nickname text field...
CVE-2020-21434
Maccms 10 contains a cross-site scripting XSS vulnerability in the Editing function under the Member module. This vulnerability is exploited via a crafted payload in the nickname text field...
Cross site scripting
Maccms 10 contains a cross-site scripting XSS vulnerability in the Editing function under the Member module. This vulnerability is exploited via a crafted payload in the nickname text field...
CVE-2020-21434
Maccms 10 contains a cross-site scripting XSS vulnerability in the Editing function under the Member module. This vulnerability is exploited via a crafted payload in the nickname text field...
CVE-2020-21387
A cross-site scripting XSS vulnerability in the parameter typeen of Maccms 10 allows attackers to obtain the administrator cookie and escalate privileges via a crafted payload...
CVE-2020-21386
A Cross-Site Request Forgery CSRF in the component admin.php/admin/type/info.html of Maccms 10 allows attackers to gain administrator privileges...
Cross site request forgery (csrf)
A Cross-Site Request Forgery CSRF in the component admin.php/admin/type/info.html of Maccms 10 allows attackers to gain administrator privileges...
Cross site scripting
A cross-site scripting XSS vulnerability in the parameter typeen of Maccms 10 allows attackers to obtain the administrator cookie and escalate privileges via a crafted payload...
CVE-2020-21387
CVE-2020-21387 is an XSS vulnerability in the parameter type_en of Maccms 10 (a PHP CMS for film/TV). The issue arises from inadequate handling of input in the type_en parameter, enabling an attacker to craft a payload that can steal the administrator cookie and escalate privileges. The linked do...
CVE-2020-21386
CVE-2020-21386 is a CSRF vulnerability in Maccms 10 affecting the component admin.php/admin/type/info.html. The issue arises from its admin flow failing to verify that requests originate from trusted users, enabling an attacker to gain administrator privileges. The connected documents consistentl...
CVE-2020-21386
A Cross-Site Request Forgery CSRF in the component admin.php/admin/type/info.html of Maccms 10 allows attackers to gain administrator privileges...
Maccms Cross-Site Scripting Vulnerability (CNVD-2022-30796)
Maccms 10 is a PHP-based film and television content management system CMS. Maccms 10 is vulnerable to a cross-site scripting vulnerability, which originates from the ""wd"" parameter in the software's background search function that is not effectively restricted and checked, and can be exploited...
Design/Logic Flaw
Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a template/defaultpc/html/art Edit action. This occurs because template rendering uses an include operation on a cache file, which bypasses the prohibition of .php files as templates...
CVE-2019-9829
CVE-2019-9829 affects Maccms 10. The vulnerability arises from template rendering that uses an include operation on a cache file, bypassing the prohibition of .php files as templates, allowing remote attackers to execute arbitrary PHP code. Documented impact is high (CVSSv3 base score 8.8; networ...