Lucene search
K

24 matches found

CNVD
CNVD
added 2015/06/26 12:0 a.m.6 views

Multiple Cross-Site Scripting Vulnerabilities in MetalGenix GeniXCMS

MetalGenix GeniXCMS is a PHP-based content management system and framework CMSF from MetalGenix Indonesia, which provides modules for user management, content management and menu management. A cross-site scripting vulnerability exists in MetalGenix GeniXCMS version 0.0.3. The vulnerability exists...

4.3CVSS6.1AI score0.03759EPSS
Exploits2References1
NVD
NVD
added 2015/06/24 2:59 p.m.19 views

CVE-2015-5066

Multiple cross-site scripting XSS vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 content or 2 title field in an add action in the posts page to index.php or the 3 q parameter in the posts page to index.php...

4.3CVSS5.7AI score0.03759EPSS
Exploits2References6
Cvelist
Cvelist
added 2015/06/24 2:0 p.m.30 views

CVE-2015-5066

Multiple cross-site scripting XSS vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 content or 2 title field in an add action in the posts page to index.php or the 3 q parameter in the posts page to index.php...

8.1AI score0.03759EPSS
Exploits2References6
Prion
Prion
added 2007/08/20 10:17 p.m.25 views

Code injection

The Drupal Project module before 5.x-1.0, 4.7.x-2.3, and 4.7.x-1.3 and Project issue tracking module before 5.x-1.0, 4.7.x-2.4, and 4.7.x-1.4 do not properly enforce permissions, which allows remote attackers to 1 obtain sensitive via the Tracker Module and the Recent posts page; 2 obtain project...

5CVSS6.7AI score0.01284EPSS
Exploits0References5Affected Software2
Rows per page
Query Builder