7 matches found
CVE-2023-46378
Stored Cross Site Scripting XSS vulnerability in MiniCMS 1.1.1 allows attackers to run arbitrary code via crafted string appended to /mc-admin/conf.php...
CVE-2019-13341
In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php comment box, which can be used to get a user's cookie...
Cross site scripting
In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php comment box, which can be used to get a user's cookie...
CVE-2019-13341
MiniCMS v1.10 contains a stored XSS in mc-admin/conf.php (comment box). The vulnerability arises from insufficient input validation of client-side data, enabling an attacker to steal a user’s cookie. The affected product is MiniCMS 1.10; no patch/version remediation details are provided in the su...
CVE-2018-9092
There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password...
Cross site request forgery (csrf)
There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password...
CVE-2018-9092
There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password...