Lucene search
K

39 matches found

OSV
OSV
added 2023/10/19 10:15 p.m.9 views

CVE-2023-43344

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component...

5.4CVSS6.1AI score0.00644EPSS
Exploits1References1
NVD
NVD
added 2023/10/19 10:15 p.m.35 views

CVE-2023-43344

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component...

5.4CVSS5.5AI score0.00644EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/10/19 10:15 p.m.7 views

CVE-2023-43344

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component...

5.4CVSS6.1AI score0.00644EPSS
Exploits1References2
Prion
Prion
added 2023/10/19 10:15 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Languages Menu component...

4.9CVSS5.5AI score0.00486EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/10/19 12:0 a.m.48 views

CVE-2023-43345

OpenSolution Quick CMS 6.7 is affected by a stored XSS in the Pages Menu component, triggered by crafting the Content - Name parameter. The vulnerability allows a local attacker to execute arbitrary code via the injected script, with impact on confidentiality, integrity, and availability as per t...

8.6CVSS7.5AI score0.00358EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/19 12:0 a.m.16 views

CVE-2023-43359

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Page Specific Metadata and Smarty data parameters in the Content Manager Menu component...

6.9AI score0.00462EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/10/19 12:0 a.m.37 views

CVE-2023-43344

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component...

5.7AI score0.00644EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/10/19 12:0 a.m.7 views

PT-2023-28794 · Opensolution · Opensolution Quick Cms

Name of the Vulnerable Software and Affected Versions: opensolution Quick CMS version 6.7 Description: A cross-site scripting XSS issue allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component. This enables the attacker to...

8.6CVSS7.9AI score0.00358EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/10/19 12:0 a.m.17 views

CVE-2023-43345

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component...

7.8AI score0.00358EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/10/05 10:15 p.m.5 views

CVE-2023-43343

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu component...

5.4CVSS6.1AI score0.00677EPSS
Exploits1References3
OSV
OSV
added 2022/07/07 11:15 p.m.15 views

CVE-2022-32061

An arbitrary file upload vulnerability in the Select User function under the People Menu component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file...

4.8CVSS5.7AI score0.00634EPSS
Exploits1References1
Prion
Prion
added 2022/01/31 10:15 p.m.15 views

Sql injection

Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/menu/ via the path=component/menu/&menufilter=3 parameter...

7.8CVSS7.7AI score0.06711EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/01/31 9:27 p.m.72 views

CVE-2022-24265

CVE-2022-24265 affects Cuppa CMS v1.0. The vulnerability is a SQL injection in /administrator/components/menu/ triggered by the path=component/menu/&menu_filter=3 parameter, as described in multiple connected sources. Impact statements indicate unauthorized access and data leakage, with risk deta...

7.8CVSS7.7AI score0.06711EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2020/12/31 12:0 a.m.2 views

WonderCMS Cross-Site Scripting Vulnerability (CNVD-2020-75631)

WonderCMS is an open source, fast, small and simple flat file cms. A cross-site scripting vulnerability exists in the Menu component in WonderCMS 3.1.3. An attacker can exploit this vulnerability to steal cookies...

5.4CVSS6.3AI score0.01371EPSS
Exploits3References1
Prion
Prion
added 2020/12/30 3:15 p.m.24 views

Cross site scripting

WonderCMS 3.1.3 is affected by cross-site scripting XSS in the Menu component. This vulnerability can allow an attacker to inject the XSS payload in the Setting - Menu and each time any user will visits the website directory, the XSS triggers and attacker can steal the cookie according to the...

3.5CVSS5.1AI score0.01371EPSS
Exploits3References1Affected Software1
CVE
CVE
added 2020/12/30 2:47 p.m.57 views

CVE-2020-29469

CVE-2020-29469 affects WonderCMS 3.1.3 with a cross-site scripting (XSS) flaw in the Menu component. The vulnerability lets an attacker inject arbitrary scripts via the Menu settings, which are then executed when users visit the site directory, enabling cookie theft per the documented payload exa...

5.4CVSS5.1AI score0.01371EPSS
Exploits3References1Affected Software1
Cvelist
Cvelist
added 2020/12/30 2:47 p.m.18 views

CVE-2020-29469

WonderCMS 3.1.3 is affected by cross-site scripting XSS in the Menu component. This vulnerability can allow an attacker to inject the XSS payload in the Setting - Menu and each time any user will visits the website directory, the XSS triggers and attacker can steal the cookie according to the...

5.2AI score0.01371EPSS
Exploits3References1
CNNVD
CNNVD
added 2020/12/30 12:0 a.m.10 views

WonderCMS 跨站脚本漏洞

WonderCMS is an open source, fast, small and simple flat file cms. A cross-site scripting vulnerability exists in the Menu component in WonderCMS 3.1.3. An attacker can exploit this vulnerability to steal cookies...

5.4CVSS5.6AI score0.01371EPSS
Exploits3References2
CNVD
CNVD
added 2016/01/23 12:0 a.m.6 views

Unspecified Vulnerability in Oracle E-Business Suite Oracle Application Object Library Menu Component

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle E-Business Suite Oracle Application Object Library Menu component, which allows remote attackers to exploit the vulnerability to submit a special request to acce...

6.4CVSS6.9AI score0.01817EPSS
Exploits0References1
Rows per page
Query Builder