154 matches found
CVE-2022-3975
A vulnerability, which was classified as problematic, has been found in NukeViet CMS. Affected by this issue is the function filterAttr of the file vendor/vinades/nukeviet/Core/Request.php of the component Data URL Handler. The manipulation of the argument attrSubSet leads to cross site scripting...
CVE-2022-3975
A vulnerability, which was classified as problematic, has been found in NukeViet CMS. Affected by this issue is the function filterAttr of the file vendor/vinades/nukeviet/Core/Request.php of the component Data URL Handler. The manipulation of the argument attrSubSet leads to cross site scripting...
Cross site scripting
A vulnerability, which was classified as problematic, has been found in NukeViet CMS. Affected by this issue is the function filterAttr of the file vendor/vinades/nukeviet/Core/Request.php of the component Data URL Handler. The manipulation of the argument attrSubSet leads to cross site scripting...
CVE-2022-3975
NukeViet CMS vulnerability CVE-2022-3975 affects the Data URL Handler’s filterAttr in vendor/vinades/nukeviet/Core/Request.php. Manipulating attrSubSet enables cross-site scripting, with remote execution possible. Upgrading to version 4.5 fixes the issue (patch: 0b3197fad950bb3383e83039a8ee4c9509...
PT-2022-24992 · Unknown · Nukeviet Cms
Name of the Vulnerable Software and Affected Versions: NukeViet CMS versions prior to 4.5 Description: A vulnerability has been found in the function filterAttr of the file vendor/vinades/nukeviet/Core/Request.php of the component Data URL Handler. The manipulation of the argument attrSubSet lead...
Vinades NukeViet 安全漏洞
Vinades NukeViet is an open source Content Management System CMS from Vinades Vietnam. A security vulnerability exists in Vinades NukeViet CMS, which originates from an affected filterAttr function in the vendor/vinades/nukeviet/Core/Request.php file of the Data URL Handler component, where...
CVE-2022-3975 NukeViet CMS Data URL Request.php filterAttr cross site scripting
A vulnerability, which was classified as problematic, has been found in NukeViet CMS. Affected by this issue is the function filterAttr of the file vendor/vinades/nukeviet/Core/Request.php of the component Data URL Handler. The manipulation of the argument attrSubSet leads to cross site scripting...
CVE-2022-3975 NukeViet CMS Data URL Request.php filterAttr cross site scripting
A vulnerability, which was classified as problematic, has been found in NukeViet CMS. Affected by this issue is the function filterAttr of the file vendor/vinades/nukeviet/Core/Request.php of the component Data URL Handler. The manipulation of the argument attrSubSet leads to cross site scripting...
Cross-site Scripting (XSS)
nukeviet/nukeviet is vulnerable to cross-site scripting. An attacker can inject and execute malicious javascript through the $preTag parameter in filterTags of Request.php...
GHSA-PM37-5J5M-6CVW Cross-site Scripting in NukeViet CMS
There is a Cross Site Scripting Stored XSS vulnerability in NukeViet CMS before 4.5.02...
Cross-site Scripting in NukeViet CMS
There is a Cross Site Scripting Stored XSS vulnerability in NukeViet CMS before 4.5.02...
CVE-2022-30874
There is a Cross Site Scripting Stored XSS vulnerability in NukeViet CMS before 4.5.02...
CVE-2022-30874
There is a Cross Site Scripting Stored XSS vulnerability in NukeViet CMS before 4.5.02...
CVE-2022-30874
There is a Cross Site Scripting Stored XSS vulnerability in NukeViet CMS before 4.5.02...
Cross site scripting
There is a Cross Site Scripting Stored XSS vulnerability in NukeViet CMS before 4.5.02...
CVE-2022-30874
There is a Cross Site Scripting Stored XSS vulnerability in NukeViet CMS before 4.5.02...
CVE-2022-30874
CVE-2022-30874 affects NukeViet CMS prior to 4.5.02 with a Stored Cross-Site Scripting (XSS) vulnerability. The issue is described across multiple sources as an XSS in NukeViet, but the provided documents do not include concrete exploit details, affected files/functions beyond the general vulnera...
Vinades NukeViet 跨站脚本漏洞
Vinades NukeViet is an open source Content Management System CMS from Vinades Vietnam. A cross-site scripting vulnerability exists in Vinades NukeViet CMS versions prior to 4.5.02. There is no information about this vulnerability at this time, so please stay tuned to CNNVD or vendor announcements...
PT-2022-20361 · Unknown · Nukeviet Cms
Name of the Vulnerable Software and Affected Versions: NukeViet CMS versions prior to 4.5.02 Description: The issue is related to a Cross Site Scripting Stored XSS vulnerability. This means that an attacker can inject malicious scripts into the website, which can then be executed by other users. ...
NukeViet SQL Injection vulnerability via topicsid parameter
SQL Injection vulnerability in NukeViet CMS 4.0.10 - 4.3.07 via the topicsid parameter in modules/news/admin/addtotopics.php...