39 matches found
CVE-2023-43344
Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component...
CVE-2023-43344
Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component...
CVE-2023-43344
Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component...
Cross site scripting
Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Languages Menu component...
CVE-2023-43345
OpenSolution Quick CMS 6.7 is affected by a stored XSS in the Pages Menu component, triggered by crafting the Content - Name parameter. The vulnerability allows a local attacker to execute arbitrary code via the injected script, with impact on confidentiality, integrity, and availability as per t...
CVE-2023-43359
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Page Specific Metadata and Smarty data parameters in the Content Manager Menu component...
CVE-2023-43344
Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component...
PT-2023-28794 · Opensolution · Opensolution Quick Cms
Name of the Vulnerable Software and Affected Versions: opensolution Quick CMS version 6.7 Description: A cross-site scripting XSS issue allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component. This enables the attacker to...
CVE-2023-43345
Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component...
CVE-2023-43343
Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu component...
CVE-2022-32061
An arbitrary file upload vulnerability in the Select User function under the People Menu component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file...
Sql injection
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/menu/ via the path=component/menu/&menufilter=3 parameter...
CVE-2022-24265
CVE-2022-24265 affects Cuppa CMS v1.0. The vulnerability is a SQL injection in /administrator/components/menu/ triggered by the path=component/menu/&menu_filter=3 parameter, as described in multiple connected sources. Impact statements indicate unauthorized access and data leakage, with risk deta...
WonderCMS Cross-Site Scripting Vulnerability (CNVD-2020-75631)
WonderCMS is an open source, fast, small and simple flat file cms. A cross-site scripting vulnerability exists in the Menu component in WonderCMS 3.1.3. An attacker can exploit this vulnerability to steal cookies...
Cross site scripting
WonderCMS 3.1.3 is affected by cross-site scripting XSS in the Menu component. This vulnerability can allow an attacker to inject the XSS payload in the Setting - Menu and each time any user will visits the website directory, the XSS triggers and attacker can steal the cookie according to the...
CVE-2020-29469
CVE-2020-29469 affects WonderCMS 3.1.3 with a cross-site scripting (XSS) flaw in the Menu component. The vulnerability lets an attacker inject arbitrary scripts via the Menu settings, which are then executed when users visit the site directory, enabling cookie theft per the documented payload exa...
CVE-2020-29469
WonderCMS 3.1.3 is affected by cross-site scripting XSS in the Menu component. This vulnerability can allow an attacker to inject the XSS payload in the Setting - Menu and each time any user will visits the website directory, the XSS triggers and attacker can steal the cookie according to the...
WonderCMS 跨站脚本漏洞
WonderCMS is an open source, fast, small and simple flat file cms. A cross-site scripting vulnerability exists in the Menu component in WonderCMS 3.1.3. An attacker can exploit this vulnerability to steal cookies...
Unspecified Vulnerability in Oracle E-Business Suite Oracle Application Object Library Menu Component
Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle E-Business Suite Oracle Application Object Library Menu component, which allows remote attackers to exploit the vulnerability to submit a special request to acce...