23 matches found
CVE-2022-25018
Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages...
CVE-2022-25020
A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...
CVE-2022-25018
Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages...
CVE-2022-25020
A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...
Cross site scripting
A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...
Design/Logic Flaw
Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages...
CVE-2022-25020
CVE-2022-25020 affects PluXML v5.8.7: an XSS vulnerability allows arbitrary web scripts/HTML via a crafted payload in the thumbnail path of a blog post. Affected component: thumbnail handling in PluXML; underlying cause per description is improper handling of input in the thumbnail path. Impact s...
CVE-2022-25020
Removed by vendor...
CVE-2022-25020
A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...
CVE-2022-25018
Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages...
CVE-2022-25018
Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages...
CVE-2022-25018
Removed by vendor...
CVE-2022-24587
A stored cross-site scripting XSS vulnerability in the component core/admin/medias.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the component core/admin/medias.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML...
CVE-2022-24585
A stored cross-site scripting XSS vulnerability in the component /core/admin/comment.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the author parameter...
CVE-2022-24587
A stored cross-site scripting XSS vulnerability in the component core/admin/medias.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the component /core/admin/comment.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the author parameter...
CVE-2022-24587
CVE-2022-24587 describes a stored XSS in PluXml v5.8.7, specifically in the component core/admin/medias.php , allowing attackers to run arbitrary web scripts or HTML. The description and connected records confirm the vulnerability and its target file, but none of the provided documents supply det...
CVE-2022-24587
A stored cross-site scripting XSS vulnerability in the component core/admin/medias.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML...
CVE-2022-24587
Removed by vendor...