OEcms 3.1 - Cross-Site Scripting

OEcms 3.1 is vulnerable to reflected cross-site scripting via the mod parameter of info.php. id: CVE-2018-12095 info: name: OEcms 3.1 - Cross-Site Scripting author: LogicalHunter severity: medium description: OEcms 3.1 is vulnerable to reflected cross-site scripting via the mod parameter of...

EUVD-2019-1859

Malware in sbrugna...

CVE-2019-1010112

OECMS v4.3.R60321 and v4.3 later is affected by: Cross Site Request Forgery CSRF. The impact is: The victim clicks on adding an administrator account. The component is: admincp.php. The attack vector is: network connectivity. The fixed version is: v4.3...

Command Execution Vulnerability in OECMS

OECMS enterprise website system is a set of enterprise building system based on the development of OEPHP architecture system development. OECMS has a command execution vulnerability that can be exploited by attackers to gain control of the web server...

OECMS Cross-Site Request Forgery Vulnerability

OECMS is an enterprise web content management system CMS. A cross-site request forgery vulnerability exists in the admincp.php file in OECMS. The vulnerability stems from a WEB application that does not adequately validate that a request is coming from a trusted user. An attacker could use this...

CVE-2019-1010112

OECMS v4.3.R60321 and v4.3 later is affected by: Cross Site Request Forgery CSRF. The impact is: The victim clicks on adding an administrator account. The component is: admincp.php. The attack vector is: network connectivity. The fixed version is: v4.3...

Cross site request forgery (csrf)

OECMS v4.3.R60321 and v4.3 later is affected by: Cross Site Request Forgery CSRF. The impact is: The victim clicks on adding an administrator account. The component is: admincp.php. The attack vector is: network connectivity. The fixed version is: v4.3...

CVE-2019-1010112

OECMS v4.3.R60321 and v4.3 later is affected by: Cross Site Request Forgery CSRF. The impact is: The victim clicks on adding an administrator account. The component is: admincp.php. The attack vector is: network connectivity. The fixed version is: v4.3...

CVE-2019-1010112

OECMS v4.3.R60321 and later is affected by a Cross Site Request Forgery (CSRF) vulnerability in admincp.php. The attack vector is network connectivity, and the impact is that a victim could be tricked into adding an administrator account. The fixed version is v4.3. This CVE entry corresponds to C...

OEcms 3.1 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Title: OEcms 3.1 - Cross-Site Scripting Author: Felipe "Renzi" Gabriel Software: OEcms v3.1 CVE: CVE-2018-12095 Technical Details & Description: A Reflected Cross-Site Scripting web vulnerability has been discovered in the "OEcms v3.1"...

OEcms 3.1 - Cross-Site Scripting

Title: OEcms 3.1 - Cross-Site Scripting Author: Felipe "Renzi" Gabriel Date: 2018-06-15 Software: OEcms v3.1 CVE: CVE-2018-12095 Technical Details & Description: A Reflected Cross-Site Scripting web vulnerability has been discovered in the "OEcms v3.1" web-application. The vulnerability is locate...

OEcms 3.1 - Cross-Site Scripting

OEcms 3.1 - Cross-Site Scripting Title: OEcms 3.1 - Cross-Site Scripting Author: Felipe "Renzi" Gabriel Date: 2018-06-15 Software: OEcms v3.1 CVE: CVE-2018-12095 Technical Details & Description: A Reflected Cross-Site Scripting web vulnerability has been discovered in the "OEcms v3.1"...

OECMS Cross-Site Scripting Vulnerability

OEcms is an enterprise content management system CMS. A cross-site scripting vulnerability exists in the 'mod' parameter of the info.php file in OEcms version 3.1. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

OEcms 3.1 Cross Site Scripting

Title: ======= OEcms v3.1 - Reflected Cross-Site Scripting Introduction: ============== A content management system CMS is a computer application that supports the creation and modification of digital content. It is often used to support multiple users working in a collaborative environment. CMS...

CVE-2018-12095

A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. The vulnerability is located in the mod parameter of info.php...

Cross site scripting

A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. The vulnerability is located in the mod parameter of info.php...

CVE-2018-12095

OEcms v3.1 is vulnerable to a reflected Cross-Site Scripting flaw in the mod parameter of info.php. The issue arises from improper input handling in the info.php?mod= parameter, enabling attackers to inject arbitrary JavaScript and potentially hijack sessions or access sensitive data. The connect...

CVE-2018-12095

A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. The vulnerability is located in the mod parameter of info.php...

OEcms enterprise website system system url parameter exists stored cross-site scripting vulnerability

OEcms enterprise website system system is developed by OEcms technology OEdev based on the development of OEPHP architecture system to develop a set of enterprise building system. OEcms enterprise website system system there are stored cross-site scripting vulnerabilities. Due to poor filtering o...

OECMS Ver 4. X directory traversal vulnerability

No description provided by source...