📄 Cockpit CMS 0.13.0 Cross Site Scripting

Multiple reflected cross site scripting vulnerabilities exist in Cockpit CMS version 0.13.0. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive. Cockpit CMS 0.13.0 - Multiple Reflected XSS Advisory ID: RO-16-003...

EUVD-2018-9937

Malware in sbrugna...

CVE-2018-18199

Mediamanager in REDAXO before 5.6.4 has XSS...

The vulnerability of the core.mediamanager component in the SCHLIX CMS content management system allows a hacker to execute arbitrary code.

The vulnerability of the core.mediamanager component in the SCHLIX CMS content management system is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

PT-2024-1820 · Unknown · Schlix Cms

Name of the Vulnerable Software and Affected Versions: Schlix CMS version 2.2.8-1 Description: The issue is related to an arbitrary file upload vulnerability in the core.mediamanager component of Schlix CMS, which allows remote authenticated attackers to execute arbitrary code and obtain sensitiv...

PT-2022-28064 · Flatpress · Flatpress

Name of the Vulnerable Software and Affected Versions: FlatPress affected versions not specified Description: A critical issue was found in FlatPress, affecting the function doItemActions of the file fp-plugins/mediamanager/panels/panel.mediamanager.file.php of the component File Delete Handler...

FlatPress 路径遍历漏洞

FlatPress is a Php-based blog builder without database support from the FlatPress community. FlatPress has a path traversal vulnerability , the vulnerability stems from the component File Delete Handler in the fp-plugins/mediamanager/panels/panel.mediamanager.file.php file of the function...

FlatPress 跨站脚本漏洞

FlatPress is a Php-based blog builder without database support from the FlatPress community. FlatPress has a cross-site scripting vulnerability, the vulnerability stems from a problem with the function main in the fp-plugins/mediamanager/panels/panel.mediamanager.file.php file of the component...

Schlix CMS File Upload Vulnerability

Schlix CMS is an open source content management system CMS based on PHP and MySQL. A file upload vulnerability exists in admin/app/mediamanager in Schlix CMS version 2.1.8-7, which stems from the program's failure to restrict file uploads and can be exploited by an attacker to execute code...

PT-2019-12143 · Schlix · Schlix Cms

Name of the Vulnerable Software and Affected Versions: Schlix CMS version 2.1.8-7 Description: The issue allows authenticated unrestricted file upload, leading to remote code execution. This can be achieved through the admin/app/mediamanager endpoint. It requires admin permission to exploit, maki...

REDAXO Cross-Site Scripting Vulnerability

REDAXO is an open source Web portal content management system . The system supports custom modules , plug-in extensions , project backup and so on. A cross-site scripting vulnerability exists in Mediamanager in versions prior to REDAXO 5.6.4. A remote attacker can exploit this vulnerability to...

CVE-2018-18199

Mediamanager in REDAXO before 5.6.4 has XSS...

Cross site scripting

Mediamanager in REDAXO before 5.6.4 has XSS...

CVE-2018-18199

Mediamanager in REDAXO before 5.6.4 has XSS...

CVE-2018-18199

Mediamanager in REDAXO before 5.6.4 contains a cross-site scripting (XSS) vulnerability. The issue affects REDAXO prior to version 5.6.4 in the Mediamanager component, enabling a remote attacker to inject arbitrary web script or HTML. Remediation: upgrade to REDAXO 5.6.4 or later (per the officia...

CVE-2006-1165

Cross-site scripting XSS vulnerability in the mediamanager module in DokuWiki before 2006-03-05 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors relating to "handling EXIF data."...

DEBIAN-CVE-2006-1165

Cross-site scripting XSS vulnerability in the mediamanager module in DokuWiki before 2006-03-05 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors relating to "handling EXIF data."...

CVE-2006-1165

Cross-site scripting XSS vulnerability in the mediamanager module in DokuWiki before 2006-03-05 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors relating to "handling EXIF data."...

Cross site scripting

Cross-site scripting XSS vulnerability in the mediamanager module in DokuWiki before 2006-03-05 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors relating to "handling EXIF data."...

CVE-2006-1165

CVE-2006-1165 is an XSS vulnerability in the DokuWiki mediamanager module. Affects DokuWiki versions prior to 2006-03-05; impact is remote script/HTML injection via unknown attack vectors tied to EXIF data handling. The provided documents do not specify a fix or remediation steps.