CVE-2018-16298

An issue was discovered in MiniCMS 1.10. There is an mc-admin/post.php?tag= XSS vulnerability for a state=delete, state=draft, or state=publish request...

CVE-2018-18892

MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php sitename parameter, which affects the sitename field in mcconf.php...

CVE-2019-13339

In MiniCMS V1.10, stored XSS was found in mc-admin/page-edit.php content box, which can be used to get a user's cookie...

📄 MiniCMS 1.1 Cross Site Scripting

MiniCMS version 1.1 suffers from a cross site scripting vulnerability. Exploit Title: MiniCMS 1.1 Cross-Site Scripting XSS in date Parameter of mc-admin/page.php Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/bg5sbk/MiniCMS Software Link:...

MiniCMS 1.1 - Cross Site Scripting (XSS)

Exploit Title: MiniCMS 1.1 - Cross Site Scripting XSS Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/bg5sbk/MiniCMS Software Link: https://github.com/bg5sbk/MiniCMS Version: 1.10 Tested on: Ubuntu Windows CVE : CVE-2018-1000638 PoC: GET...

CVE-2024-9281

A vulnerability was found in bg5sbk MiniCMS up to 1.11 and classified as problematic. This issue affects some unknown processing of the file post-edit.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and...

CVE-2024-9282

A vulnerability was found in bg5sbk MiniCMS 1.11. It has been classified as problematic. Affected is an unknown function of the file page-edit.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and...

CVE-2024-9281

A vulnerability was found in bg5sbk MiniCMS up to 1.11 and classified as problematic. This issue affects some unknown processing of the file post-edit.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and...

CVE-2024-9282 bg5sbk MiniCMS page-edit.php cross-site request forgery

A vulnerability was found in bg5sbk MiniCMS 1.11. It has been classified as problematic. Affected is an unknown function of the file page-edit.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and...

CVE-2024-9282

CVE-2024-9282 affects bg5sbk MiniCMS 1.11. A vulnerability in an unknown function of page-edit.php enables cross-site request forgery (CSRF). The issue can be triggered remotely and has had its exploit disclosed publicly. Multiple sources corroborate the affected component and version, noting the...

CVE-2024-9281

CVE-2024-9281 affects bg5sbk MiniCMS up to 1.11. The issue arises from unknown processing in post-edit.php that enables cross-site request forgery. The vulnerability can be triggered remotely and an exploit has been disclosed publicly. Remediation details in the consulted PTSEC report suggest a t...

CVE-2024-9281 bg5sbk MiniCMS post-edit.php cross-site request forgery

A vulnerability was found in bg5sbk MiniCMS up to 1.11 and classified as problematic. This issue affects some unknown processing of the file post-edit.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and...

CVE-2024-9281 bg5sbk MiniCMS post-edit.php cross-site request forgery

A vulnerability was found in bg5sbk MiniCMS up to 1.11 and classified as problematic. This issue affects some unknown processing of the file post-edit.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and...

MiniCMS 跨站请求伪造漏洞

MiniCMS is a mini content management system designed for personal websites by Dada bg5sbk individual developers. A cross-site request forgery vulnerability exists in MiniCMS 1.11 and earlier versions, which stems from some unknown processing in the file post-edit.php that can lead to cross-site...

PT-2024-39539 · Unknown · Bg5Sbk Minicms

Name of the Vulnerable Software and Affected Versions: bg5sbk MiniCMS versions up to 1.11 Description: A vulnerability was found in bg5sbk MiniCMS, affecting some unknown processing of the file post-edit.php, leading to cross-site request forgery. The attack may be initiated remotely. The exploit...

PT-2024-39540 · Unknown · Bg5Sbk Minicms

Name of the Vulnerable Software and Affected Versions: bg5sbk MiniCMS version 1.11 Description: A vulnerability was found in bg5sbk MiniCMS, classified as problematic. It affects an unknown function of the file page-edit.php, leading to cross-site request forgery. The attack can be launched...

MiniCMS 跨站请求伪造漏洞

MiniCMS is a mini content management system designed for personal websites by Dada bg5sbk, an individual developer. A cross-site request forgery vulnerability exists in MiniCMS version 1.11, which originates from an unknown function in the file page-edit.php that can lead to cross-site request...

MiniCMS Cross-Site Scripting Vulnerability (CNVD-2024-24950)

MiniCMS is the minimalist content management system for personal websites. A cross-site scripting vulnerability exists in MiniCMS v.1.11, which stems from the lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary Web script or HTM...

CVE-2024-31741

Cross Site Scripting vulnerability in MiniCMS v.1.11 allows a remote attacker to run arbitrary code via crafted string in the URL after login...

CVE-2024-31741

Cross Site Scripting vulnerability in MiniCMS v.1.11 allows a remote attacker to run arbitrary code via crafted string in the URL after login...