Lucene search
K

48 matches found

OSV
OSV
added 2023/07/12 4:31 p.m.29 views

CVE-2023-3641 khodakhah NodCMS POST Request blog-comment-4 cross site scripting

A vulnerability has been found in khodakhah NodCMS 3.4.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /en/blog-comment-4 of the component POST Request Handler. The manipulation of the argument commentname/commentcontent leads to cross site...

4.3CVSS3.9AI score0.0045EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/07/12 12:0 a.m.3 views

PT-2023-25568 · Khodakhah · Nodcms

Name of the Vulnerable Software and Affected Versions: khodakhah NodCMS version 3.4.1 Description: A vulnerability has been found in the component POST Request Handler of the file /en/blog-comment-4. The manipulation of the comment name and comment content arguments leads to cross site scripting...

6.1CVSS4.7AI score0.0045EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/07/12 12:0 a.m.4 views

NodCMS 跨站脚本漏洞

NodCMS is a free, multi-language, simple and powerful CMS based on CodeIgniter4 by Mojtaba Individual Developers. A cross-site scripting vulnerability exists in khodakhah NodCMS version 3.4.1, which stems from the parameter commentname/commentcontent in the file /en/blog-comment-4 that leads to...

6.1CVSS4.2AI score0.0045EPSS
Exploits0References3
Veracode
Veracode
added 2023/06/30 5:38 a.m.13 views

Cross-site Scripting (XSS)

khodakhah/nodcms is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper validations in the contact forms address element, which allows an admin authenticated attacker to inject and execute arbitrary JavaScript into the browser...

4.8CVSS6.5AI score0.00546EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2023/06/30 12:0 a.m.321 views

NodCMS 3.4.1 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
CNVD
CNVD
added 2023/06/28 12:0 a.m.5 views

NodCMS Cross-Site Scripting Vulnerability

NodCMS is a free, multilingual, simple and powerful CMS based on CodeIgniter4. A cross-site scripting XSS vulnerability exists in NodCMS version 3.0. An attacker can exploit this vulnerability to execute arbitrary code and access sensitive information...

4.8CVSS5.9AI score0.00546EPSS
Exploits1References1
OSV
OSV
added 2023/06/20 3:31 p.m.9 views

GHSA-7XQX-XWG9-JX34 NodCMS Cross Site Scripting vulnerability

Cross Site Scripting vulnerability in khodakhah NodCMS v.3.0 allows an attacker with administrative privileges to execute arbitrary code and gain access to sensitive information via a crafted script to the address parameter...

4.8CVSS5.3AI score0.00546EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2023/06/20 3:31 p.m.25 views

NodCMS Cross Site Scripting vulnerability

Cross Site Scripting vulnerability in khodakhah NodCMS v.3.0 allows an attacker with administrative privileges to execute arbitrary code and gain access to sensitive information via a crafted script to the address parameter...

4.8CVSS7.2AI score0.00546EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2023/06/20 3:15 p.m.28 views

CVE-2020-20697

Cross Site Scripting vulnerability in khodakhah NodCMS v.3.0 allows a remote attacker to execute arbitrary code and gain access to senstivie information via a crafted script to the address parameter...

4.8CVSS5.5AI score0.00546EPSS
Exploits1References1
OSV
OSV
added 2023/06/20 3:15 p.m.12 views

CVE-2020-20697

Cross Site Scripting vulnerability in khodakhah NodCMS v.3.0 allows a remote attacker to execute arbitrary code and gain access to senstivie information via a crafted script to the address parameter...

4.8CVSS7.4AI score
Exploits0References1
Prion
Prion
added 2023/06/20 3:15 p.m.13 views

Cross site scripting

Cross Site Scripting vulnerability in khodakhah NodCMS v.3.0 allows a remote attacker to execute arbitrary code and gain access to senstivie information via a crafted script to the address parameter...

4.3CVSS5.5AI score0.00546EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2023/06/20 12:0 a.m.36 views

CVE-2020-20697

CVE-2020-20697 affects the NodCMS v3.0 product, with a Cross-Site Scripting vulnerability in the address parameter that can allow an attacker to execute arbitrary code and access sensitive information. Several connected sources (e.g., Red Hat, CNVD, GHSA, OSV) describe the issue as XSS with poten...

4.8CVSS5.5AI score0.00546EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/06/20 12:0 a.m.25 views

CVE-2020-20697

Cross Site Scripting vulnerability in khodakhah NodCMS v.3.0 allows a remote attacker to execute arbitrary code and gain access to senstivie information via a crafted script to the address parameter...

5.4AI score0.00546EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/06/20 12:0 a.m.6 views

PT-2023-11558 · Khodakhah · Nodcms

Name of the Vulnerable Software and Affected Versions: khodakhah NodCMS version 3.0 Description: The issue allows a remote attacker to execute arbitrary code and gain access to sensitive information via a crafted script to the address parameter. This can be done by an attacker with administrative...

4.8CVSS8AI score0.00546EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2023/06/20 12:0 a.m.14 views

CVE-2020-20697

Cross Site Scripting vulnerability in khodakhah NodCMS v.3.0 allows a remote attacker to execute arbitrary code and gain access to senstivie information via a crafted script to the address parameter...

7.1AI score0.00546EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/06/20 12:0 a.m.4 views

NodCMS 跨站脚本漏洞

NodCMS is a free, multilingual, simple and powerful CMS based on CodeIgniter4. A cross-site scripting XSS vulnerability exists in NodCMS version 3.0. An attacker can exploit this vulnerability to execute arbitrary code and access sensitive information...

4.8CVSS6.3AI score0.00546EPSS
Exploits1References2
Check Point Advisories
Check Point Advisories
added 2016/11/30 12:0 a.m.5 views

NodCMS edit_lang_file PHP Code Execution

An arbitrary PHP code execution vulnerability exists in NodCMS . The vulnerability is due to insufficient validation of user-supplied input. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.1AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/22 12:0 a.m.54 views

NodCMS Installer Client-Side Cross Site Scripting

===================================================== Exploit Title : NodCMS Installer - Multiples Cross Site Web Vulnerability Date Discovered : 2016-11-10 Affected Products: NodCMS Installer - Content Management System Exploitation Technique: Remote Severity Level: Low Tested OS : Windows 10...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/08 12:0 a.m.23 views

NodCMS Cross Site Scripting

Exploit Title : nodcms cross site scripting Author : Ashiyane Digital Security Team Date : 29/10/2016 Type : webapps Platform : PHP Vendor Homepage : http://www.nodcms.com/en Software link : https://github.com/khodakhah/nodcms/archive/master.zip version : All version Path Of Vulnerability :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/08 12:0 a.m.37 views

NodCMS PHP Code Execution

!-- HTTP Request http://localhost/nodcms-master/admin/editlangfile/1/en POST /nodcms-master/admin/editlangfile/1/en HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 Windows NT 10.0; rv:49.0 Gecko/20100101 Firefox/49.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8...

Exploits0
Rows per page
Query Builder