13 matches found
CVE-2024-32744
A cross-site scripting XSS vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE KEYWORDS parameter under the CURRENT PAGE module...
CVE-2024-32744
A cross-site scripting XSS vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE KEYWORDS parameter under the CURRENT PAGE module...
PT-2024-24822 · Wondercms · Wondercms
Name of the Vulnerable Software and Affected Versions: WonderCMS version 3.4.3 Description: A cross-site scripting XSS vulnerability in the Settings section allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE KEYWORDS parameter under the CURRENT...
CVE-2024-32744
WonderCMS v3.4.3 contains a cross-site scripting (XSS) vulnerability in the Settings section. The flaw allows arbitrary script/HTML execution via a payload in the PAGE KEYWORDS parameter under the CURRENT PAGE module. Public sources confirm the affected component and trigger, but none provide a p...
CVE-2024-32744
A cross-site scripting XSS vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE KEYWORDS parameter under the CURRENT PAGE module...
CVE-2024-32744
A cross-site scripting XSS vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE KEYWORDS parameter under the CURRENT PAGE module...
WonderCMS 安全漏洞
WonderCMS is an open source PHP-based content management system CMS. A security vulnerability exists in WonderCMS version v3.4.3, which originates from a cross-site scripting XSS vulnerability in the Settings section. An attacker can exploit this vulnerability to execute arbitrary web script or...
WonderCMS Cross-Site Scripting Vulnerability
WonderCMS is an open source, fast, small and simple flat file cms. A cross-site scripting vulnerability exists in the "Admin Panel" of WonderCMS 3.1.3. The vulnerability can be exploited to steal cookies via page keywords...
CVE-2020-29247
WonderCMS 3.1.3 is affected by cross-site scripting XSS in the Admin Panel. An attacker can inject the XSS payload in Page keywords and each time any user will visit the website, the XSS triggers, and the attacker can able to steal the cookie according to the crafted payload...
WonderCMS 跨站脚本漏洞
WonderCMS is an open source, fast, small and simple flat file cms. A cross-site scripting vulnerability exists in the "Admin Panel" of WonderCMS 3.1.3. The vulnerability can be exploited to steal cookies via page keywords...
CVE-2018-19905
HTML injection exists in razorCMS 3.4.8 via the //page keywords parameter...
CVE-2018-19905
HTML injection exists in razorCMS 3.4.8 via the //page keywords parameter...
razorCMS Settings Component Cross-Site Scripting Vulnerability
razorCMS is an open source content management system written in PHP, which stores all data in flat files, so there is no need to install a database. A cross-site scripting vulnerability exists in the Settings component of razorCMS version 3.4.7, which can be exploited by a remote attacker to...