Lucene search
K

132 matches found

Cvelist
Cvelist
added 2018/09/16 5:0 p.m.24 views

CVE-2018-17085

An issue was discovered in OTCMS 3.61. XSS exists in admin/users.php via these parameters: dataTypeCN dataMode dataModeStr...

6.1AI score0.00692EPSS
Exploits1References1
CVE
CVE
added 2018/09/16 5:0 p.m.39 views

CVE-2018-17086

OTCMS 3.61 is affected by CVE-2018-17086: a cross-site scripting (XSS) vulnerability in admin/share_switch.php exploitable via the fieldName, fieldName2, and tabName parameters. The root cause is likely insufficient input sanitization in these parameters, enabling injection of arbitrary HTML/JS. ...

6.1CVSS6AI score0.00692EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/09/16 5:0 p.m.41 views

CVE-2018-17085

CVE-2018-17085 affects OTCMS 3.61. The vulnerability is a cross-site scripting (XSS) flaw in admin/users.php exploitable via the dataTypeCN, dataMode, and dataModeStr parameters. Exploitation status is not documented in the provided materials. The CNVD entry similarly describes an XSS vector in O...

6.1CVSS6AI score0.00692EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/03/24 10:29 p.m.20 views

CVE-2018-8973

OTCMS 3.20 allows XSS by adding a keyword or link to an article, as demonstrated by an admin/keyWorddeal.php?mudi=add request...

6.1CVSS6AI score0.00707EPSS
Exploits1References1
OSV
OSV
added 2018/03/24 10:29 p.m.7 views

CVE-2018-8973

OTCMS 3.20 allows XSS by adding a keyword or link to an article, as demonstrated by an admin/keyWorddeal.php?mudi=add request...

6.1CVSS5.8AI score0.00707EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2018/03/24 10:29 p.m.2 views

CVE-2018-8973

OTCMS 3.20 allows XSS by adding a keyword or link to an article, as demonstrated by an admin/keyWorddeal.php?mudi=add request...

6.1CVSS5.5AI score0.00707EPSS
Exploits1References2
Prion
Prion
added 2018/03/24 10:29 p.m.18 views

Cross site request forgery (csrf)

OTCMS 3.20 allows XSS by adding a keyword or link to an article, as demonstrated by an admin/keyWorddeal.php?mudi=add request...

4.3CVSS6AI score0.00707EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/03/24 10:0 p.m.19 views

CVE-2018-8973

OTCMS 3.20 allows XSS by adding a keyword or link to an article, as demonstrated by an admin/keyWorddeal.php?mudi=add request...

6.1AI score0.00707EPSS
Exploits1References1
CVE
CVE
added 2018/03/24 10:0 p.m.37 views

CVE-2018-8973

OTCMS 3.20 is affected by a cross-site scripting (XSS) vulnerability exposed via adding a keyword or link to an article, demonstrated through an admin request to admin/keyWord_deal.php?mudi=add. The issue arises in the article/keyword handling mechanism and could allow injected script or HTML whe...

6.1CVSS6AI score0.00707EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/01/24 12:0 a.m.4 views

OTCMS PHP_V2.83 code execution vulnerability in sysCheckFile_deal.php file

Nettitanium Article Management System OTCMS is a news/article publishing website using PHP+sqlite/mysql. A code execution vulnerability exists in the OTCMS PHPV2.83 sysCheckFiledeal.php file. An attacker can obtain a webshell by executing sql statements and writing a one-sentence trojan...

7.7AI score
Exploits0
CNVD
CNVD
added 2017/07/20 12:0 a.m.2 views

XSS Vulnerability in otcms v2.5.6

Net Titanium Article Management System OTCMS is a simple and good asp article management system. An XSS vulnerability exists in otcms v2.5.6. An attacker can exploit this vulnerability to obtain sensitive information...

6.2AI score
Exploits0
CNVD
CNVD
added 2017/07/10 12:0 a.m.1 views

Cross-Site Scripting Vulnerability in OTCMS

OTCMS is a website article management system using ASP+ACCESS/MSSQL. OTCMS suffers from a cross-site scripting vulnerability due to the system's failure to strictly filter user input data. An attacker can exploit this vulnerability to implant cross-site code and launch cross-site scripting attack...

6.4AI score
Exploits0
Rows per page
Query Builder