Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

282 matches found

Packet Storm
Packet Stormadded 2020/12/04 12:0 a.m.803 views

MiniCMS 1.10 Cross Site Scripting

Exploit Title: MiniCMS 1.10 - 'content box' Stored XSS Date: 2019-7-4 Exploit Author: yudp Vendor Homepage: https://github.com/bg5sbk/MiniCMS Software Link:https://github.com/bg5sbk/MiniCMS Version: 1.10 CVE :CVE-2019-13339 Payload:alert"3: "+document.domain In /MiniCMS/mc-admin/page-edit.php POC...

3.5CVSS5.2AI score0.00219EPSS
Exploits2
Exploit DB
Exploit DBadded 2020/12/04 12:0 a.m.892 views

MiniCMS 1.10 - 'content box' Stored XSS

Exploit Title: MiniCMS 1.10 - 'content box' Stored XSS Date: 2019-7-4 Exploit Author: yudp Vendor Homepage: https://github.com/bg5sbk/MiniCMS Software Link:https://github.com/bg5sbk/MiniCMS Version: 1.10 CVE :CVE-2019-13339 Payload:alert"3: "+document.domain In /MiniCMS/mc-admin/page-edit.php POC...

4.8CVSS5.2AI score0.00219EPSS
Exploits2
CNVD
CNVDadded 2019/12/22 12:0 a.m.1 views

Command Execution Vulnerability in Minicms

MiniCMS Content Management System is a popular software under Php Source Channel. A command execution vulnerability exists in Minicms, which can be exploited by an attacker to execute arbitrary commands...

7.7AI score
Exploits0
CNVD
CNVDadded 2019/07/09 12:0 a.m.1 views

MiniCMS mc-admin/page-edit.php file cross-site scripting vulnerability

MiniCMS is a content management system CMS designed for personal websites. A cross-site scripting vulnerability exists in the mc-admin/page-edit.php file in MiniCMS version 1.10. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An attacker can...

4.8CVSS6.4AI score0.00219EPSS
Exploits2References1
OSV
OSVadded 2019/07/05 3:16 p.m.17 views

CVE-2019-13340

In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via the content box. An attacker can use it to get a user's cookie. This is different from CVE-2018-10296, CVE-2018-16233, CVE-2018-20520, and CVE-2019-13186...

4.8CVSS5.9AI score
Exploits0References1
OSV
OSVadded 2019/07/05 3:16 p.m.16 views

CVE-2019-13341

In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php comment box, which can be used to get a user's cookie...

4.8CVSS5.7AI score
Exploits0References1
NVD
NVDadded 2019/07/05 3:16 p.m.13 views

CVE-2019-13341

In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php comment box, which can be used to get a user's cookie...

4.8CVSS4.8AI score0.00219EPSS
Exploits1References1
NVD
NVDadded 2019/07/05 3:16 p.m.16 views

CVE-2019-13340

In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via the content box. An attacker can use it to get a user's cookie. This is different from CVE-2018-10296, CVE-2018-16233, CVE-2018-20520, and CVE-2019-13186...

4.8CVSS5.2AI score0.00219EPSS
Exploits1References1
NVD
NVDadded 2019/07/05 3:16 p.m.17 views

CVE-2019-13339

In MiniCMS V1.10, stored XSS was found in mc-admin/page-edit.php content box, which can be used to get a user's cookie...

4.8CVSS4.8AI score0.00219EPSS
Exploits2References1
OSV
OSVadded 2019/07/05 3:16 p.m.15 views

CVE-2019-13339

In MiniCMS V1.10, stored XSS was found in mc-admin/page-edit.php content box, which can be used to get a user's cookie...

4.8CVSS5.7AI score
Exploits0References1
Prion
Prionadded 2019/07/05 3:16 p.m.18 views

Cross site scripting

In MiniCMS V1.10, stored XSS was found in mc-admin/page-edit.php content box, which can be used to get a user's cookie...

3.5CVSS4.7AI score0.00219EPSS
Exploits2References1Affected Software1
Prion
Prionadded 2019/07/05 3:16 p.m.21 views

Cross site scripting

In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via the content box. An attacker can use it to get a user's cookie. This is different from CVE-2018-10296, CVE-2018-16233, CVE-2018-20520, and CVE-2019-13186...

3.5CVSS5.2AI score0.0024EPSS
Exploits4References1Affected Software1
Prion
Prionadded 2019/07/05 3:16 p.m.12 views

Cross site scripting

In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php comment box, which can be used to get a user's cookie...

3.5CVSS4.7AI score0.00219EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2019/07/05 2:5 p.m.294 views

CVE-2019-13341

MiniCMS v1.10 contains a stored XSS in mc-admin/conf.php (comment box). The vulnerability arises from insufficient input validation of client-side data, enabling an attacker to steal a user’s cookie. The affected product is MiniCMS 1.10; no patch/version remediation details are provided in the su...

4.8CVSS4.7AI score0.00219EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2019/07/05 2:5 p.m.13 views

CVE-2019-13341

In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php comment box, which can be used to get a user's cookie...

4.9AI score0.00219EPSS
Exploits1References1
CVE
CVEadded 2019/07/05 2:5 p.m.286 views

CVE-2019-13340

CVE-2019-13340 affects MiniCMS v1.10 with a stored XSS in mc-admin/post-edit.php (content box). The root cause is unsanitized input being stored in the content field, enabling an attacker to steal a user’s cookie. Impact is aligned with stored XSS, enabling credential/session data exposure; explo...

4.8CVSS5.1AI score0.00219EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2019/07/05 2:5 p.m.20 views

CVE-2019-13340

In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via the content box. An attacker can use it to get a user's cookie. This is different from CVE-2018-10296, CVE-2018-16233, CVE-2018-20520, and CVE-2019-13186...

5.2AI score0.00219EPSS
Exploits1References1
Cvelist
Cvelistadded 2019/07/05 2:5 p.m.18 views

CVE-2019-13339

In MiniCMS V1.10, stored XSS was found in mc-admin/page-edit.php content box, which can be used to get a user's cookie...

4.8AI score0.00219EPSS
Exploits2References1
CVE
CVEadded 2019/07/05 2:5 p.m.298 views

CVE-2019-13339

CVE-2019-13339 affects MiniCMS v1.10. The stored XSS is in mc-admin/page-edit.php (content box) due to lack of proper validation of client-side data, allowing an attacker to obtain a user’s cookie. Connected sources also show public exploitation material (e.g., Exploit-DB) with a payload demonstr...

4.8CVSS4.7AI score0.00219EPSS
Exploits2References1Affected Software1
CNVD
CNVDadded 2019/07/05 12:0 a.m.1 views

MiniCMS Cross-Site Scripting Vulnerability (CNVD-2019-21430)

MiniCMS is a content management system CMS designed for personal websites. A cross-site scripting vulnerability exists in the mc-admin/post-edit.php file in MiniCMS version 1.10, which stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this...

6.1CVSS6.4AI score0.0024EPSS
Exploits1References1
Rows per page
Query Builder