4 matches found
Creatiwity wityCMS cross-site scripting vulnerability (CNVD-2019-19292)
Creatiwity wityCMS is a lightweight PHP-based content management system CMS. A cross-site scripting vulnerability exists in the utilisateur menu in Creatiwity wityCMS version 0.6.2. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker ca...
CVE-2018-16251
A "search for user discovery" injection issue exists in Creatiwity wityCMS 0.6.2 via the "Utilisateur" menu. No input parameters are filtered, e.g., the /admin/user/users Nickname, email, firstname, lastname, and groupe parameters...
CVE-2018-16250
The "utilisateur" menu in Creatiwity wityCMS 0.6.2 modifies the presence of XSS at two input points for user information, with the "first name" and "last name" parameters...
Cross site scripting
The "utilisateur" menu in Creatiwity wityCMS 0.6.2 modifies the presence of XSS at two input points for user information, with the "first name" and "last name" parameters...