GeniXCMS Cross-site Scripting (XSS) via id parameter

In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id parameter...

GHSA-JGC6-JR94-H442 GeniXCMS Cross-site Scripting (XSS) via id parameter

In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id parameter...

GeniXCMS Cross-site Scripting (XSS) vulnerability via id parameter

In GeniXCMS 1.1.4, /inc/lib/backend/menus.control.php has XSS via the id parameter...

Cross-site Scripting (XSS)

genix/cms is vulnerable to cross-site scripting XSS attacks. The library does not properly sanitize the Menu ID field ininc/lib/Control/Backend/menus.control.php , allowing a malicious user to inject and execute arbitrary web script through a page=menus request...

Cross-site Scripting (XSS)

genix/cms is vulnerable to cross-site scripting XSS attacks. The library does not properly sanitize the id field in /inc/lib/backend/menus.control.php, allowing a malicious user to inject and execute arbitrary web script...

CVE-2017-14761

In GeniXCMS 1.1.4, /inc/lib/backend/menus.control.php has XSS via the id parameter...

CVE-2017-14762

In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id parameter...

Design/Logic Flaw

In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id parameter...

CVE-2017-14762

In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id parameter...

GeniXCMS /inc/lib/Control/Backend/menus.control.php File Cross-Site Scripting Vulnerability

MetalGenix GeniXCMS is a PHP-based content management system and framework CMSF from MetalGenix Indonesia, which provides modules for user management, content management and menu management. A cross-site scripting vulnerability exists in the /inc/lib/Control/Backend/menus.control.php file in...

GeniXCMS /inc/lib/backend/menus.control.php file cross-site scripting vulnerability

MetalGenix GeniXCMS is a PHP-based content management system and framework CMSF from MetalGenix Indonesia, which provides modules for user management, content management and menu management. A cross-site scripting vulnerability exists in the /inc/lib/backend/menus.control.php file in MetalGenix...

SQL Injection

genix/cms is vulnerable to SQL injection attacks. The attacks exist because it does not filter the user-supplied parameter order given to the updateMenuOrder function in inc/lib/Control/Backend/menus.control.php which uses it as an SQL query...

MetalGenix GeniXCMS SQL Injection Vulnerability (CNVD-2017-06841)

MetalGenix GeniXCMS is a PHP-based content management system and framework CMSF from MetalGenix Indonesia, which provides modules for user management, content management and menu management. A SQL injection vulnerability exists in the inc/lib/Control/Backend/menus.control.php file in MetalGenix...

CVE-2017-8377

GeniXCMS 1.0.2 has SQL Injection in inc/lib/Control/Backend/menus.control.php via the menuid parameter...

CVE-2017-6065

SQL injection vulnerability in inc/lib/Control/Backend/menus.control.php in GeniXCMS through 1.0.2 allows remote authenticated users to execute arbitrary SQL commands via the order parameter...

Sql injection

SQL injection vulnerability in inc/lib/Control/Backend/menus.control.php in GeniXCMS through 1.0.2 allows remote authenticated users to execute arbitrary SQL commands via the order parameter...

CVE-2017-6065

SQL injection vulnerability in inc/lib/Control/Backend/menus.control.php in GeniXCMS through 1.0.2 allows remote authenticated users to execute arbitrary SQL commands via the order parameter...