InnoCMS 代码注入漏洞

InnoCMS is a lightweight enterprise official website system from InnoCMS, Inc. A code injection vulnerability exists in InnoCMS version 0.3.1, which stems from the fact that some unknown handling of the file /panel/pages/1/edit can lead to code injection...

The vulnerability of the pages.edit.php component in the FlatCore CMS system allows attackers to perform cross-site scripting attacks.

The vulnerability of the pages.edit.php component in the FlatCore CMS content management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

CVE-2021-42245

FlatCore-CMS 2.0.9 has a cross-site scripting XSS vulnerability in pages.edit.php through meta tags and content sections...

Radiant CMS part_body_content parameter cross-site scripting vulnerability

Radiant CMS is a free and open source content management system designed for small teams. A cross-site scripting vulnerability exists in Radiant CMS version 1.1.4. A remote attack can be exploited to inject arbitrary web script or HTML by sending the 'partbodycontent' parameter with specially...

CVE-2018-5216

Radiant CMS 1.1.4 has XSS via crafted Markdown input in the partbodycontent parameter to an admin/pages//edit resource...

Design/Logic Flaw

Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title parameter...

CVE-2018-5215

Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title parameter...

CVE-2018-5216

Radiant CMS 1.1.4 has XSS via crafted Markdown input in the partbodycontent parameter to an admin/pages//edit resource...

FlatCore Cross-Site Scripting Vulnerability

flatCore is a Web Content Management System CMS based on PHP5 and SQLite3. A cross-site scripting vulnerability exists in the pages.editform.php file in flatCore version 1.4.6. A remote attacker can exploit this vulnerability to inject arbitrary JavaScript with the help of the 'PATHINFO' paramete...