Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-8572

Malware in sbrugna...

4.8CVSS5.1AI score0.0067EPSS
Exploits1References2
Snyk
Snyk
added 2025/03/30 10:46 p.m.2 views

Cross-site Scripting (XSS)

Overview concrete5/concrete5 is a concrete5 open source CMS. Affected versions of this package are vulnerable to Cross-site Scripting XSS through the manipulation of the Navigation/Title Text/Description Source argument due to improper sanitization. Details Cross-site scripting or XSS is a code...

5.1CVSS5.3AI score
Exploits0References2
OSV
OSV
added 2022/05/24 5:18 p.m.15 views

GHSA-74GC-HF33-5353 Fork CMS Cross-site Scripting Vulnerability

Fork before 5.8.3 allows XSS via navigationtitle or title...

6.1CVSS5.9AI score0.00679EPSS
Exploits0References4
OSV
OSV
added 2022/02/10 10:29 p.m.43 views

GHSA-VP4X-94FF-2CMV Cross-site scripting in forkcms

Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigationtitle" parameter and the "title" parameter in /private/en/pages/add...

6.1CVSS6.2AI score0.00844EPSS
Exploits0References2
NVD
NVD
added 2021/05/06 10:15 p.m.17 views

CVE-2020-23263

Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigationtitle" parameter and the "title" parameter in /private/en/pages/add...

6.1CVSS0.00844EPSS
Exploits0References1
OSV
OSV
added 2021/05/06 10:15 p.m.16 views

CVE-2020-23263

Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigationtitle" parameter and the "title" parameter in /private/en/pages/add...

6.1CVSS6.8AI score
Exploits0References1
Prion
Prion
added 2021/05/06 10:15 p.m.10 views

Cross site scripting

Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigationtitle" parameter and the "title" parameter in /private/en/pages/add...

4.3CVSS6.2AI score0.00844EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/05/06 9:42 p.m.17 views

CVE-2020-23263

Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigationtitle" parameter and the "title" parameter in /private/en/pages/add...

6.3AI score0.00844EPSS
Exploits0References1
Prion
Prion
added 2020/05/27 4:15 p.m.19 views

Design/Logic Flaw

Fork before 5.8.3 allows XSS via navigationtitle or title...

4.3CVSS5.9AI score0.00679EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/05/27 3:4 p.m.25 views

CVE-2020-13633

Fork before 5.8.3 allows XSS via navigationtitle or title...

6AI score0.00679EPSS
Exploits0References1
OSV
OSV
added 2018/09/10 4:29 a.m.16 views

CVE-2018-16772

Hoosk v1.7.0 allows XSS via the Navigation Title of a new page entered at admin/pages/new...

4.8CVSS5.8AI score0.0067EPSS
Exploits1References1
NVD
NVD
added 2018/09/10 4:29 a.m.18 views

CVE-2018-16772

Hoosk v1.7.0 allows XSS via the Navigation Title of a new page entered at admin/pages/new...

4.8CVSS5AI score0.0067EPSS
Exploits1References1
CNVD
CNVD
added 2018/09/10 12:0 a.m.4 views

Hoosk Cross-Site Scripting Vulnerability

Hoosk is a lightweight user-centered content management system CMS. The system has built-in Codelgniter for creating responsive websites. A cross-site scripting vulnerability exists in Hoosk 1.7.0, which can be exploited by an attacker via the navigation title of a new page entered at...

4.8CVSS4.9AI score0.0067EPSS
Exploits1References1
Prion
Prion
added 2017/06/12 6:29 a.m.12 views

Cross site scripting

admin.php in BigTree through 4.2.18 has a Cross-site Scripting XSS vulnerability, which allows remote authenticated users to inject arbitrary web script or HTML by launching a Home Template Edit Page action and entering the Navigation Title of a page that is scheduled for future publication aka a...

3.5CVSS5.8AI score0.00784EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2017/06/12 6:29 a.m.11 views

Cross site scripting

admin.php in BigTree through 4.2.18 has a Cross-site Scripting XSS vulnerability, which allows remote authenticated users to inject arbitrary web script or HTML by launching an Edit Page action and entering the Navigation Title or Page Title of a page that is scheduled for future publication aka ...

3.5CVSS5.8AI score0.00784EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/06/12 6:29 a.m.18 views

CVE-2017-9547

admin.php in BigTree through 4.2.18 has a Cross-site Scripting XSS vulnerability, which allows remote authenticated users to inject arbitrary web script or HTML by launching an Edit Page action and entering the Navigation Title or Page Title of a page that is scheduled for future publication aka ...

5.4CVSS5.2AI score0.00784EPSS
Exploits0References1
OSV
OSV
added 2017/06/12 6:29 a.m.16 views

CVE-2017-9547

admin.php in BigTree through 4.2.18 has a Cross-site Scripting XSS vulnerability, which allows remote authenticated users to inject arbitrary web script or HTML by launching an Edit Page action and entering the Navigation Title or Page Title of a page that is scheduled for future publication aka ...

5.4CVSS5.6AI score
Exploits0References1
Rows per page
Query Builder