11 matches found
CVE-2024-27559
Stupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /savesettings.php...
CVE-2023-52085 Winter CMS Local File Inclusion through Server Side Template Injection
Winter is a free, open-source content management system. Users with access to backend forms that include a ColorPicker FormWidget can provide a value that would then be included without further processing in the compilation of custom stylesheets via LESS. This had the potential to lead to a Local...
Design/Logic Flaw
Winter is a free, open-source content management system. Prior to 1.2.4, users with the media.managemedia permission can upload files to the Media Manager and rename them after uploading. Previously, media manager files were only sanitized on upload, not on renaming, which could have allowed a...
CVE-2023-52084 Winter CMS Stored XSS through Backend ColorPicker FormWidget
Winter is a free, open-source content management system. Prior to 1.2.4, users with access to backend forms that include a ColorPicker FormWidget can provide a value that would then be rendered unescaped in the backend form, potentially allowing for a stored XSS attack. This issue has been patche...
CVE-2023-52084 Winter CMS Stored XSS through Backend ColorPicker FormWidget
Winter is a free, open-source content management system. Prior to 1.2.4, users with access to backend forms that include a ColorPicker FormWidget can provide a value that would then be rendered unescaped in the backend form, potentially allowing for a stored XSS attack. This issue has been patche...
CVE-2023-52084
Winter CMS Stored XSS (CVE-2023-52084): The vulnerability is in Winter CMS prior to 1.2.4 where a value entered in backend forms using the ColorPicker FormWidget could be rendered unescaped, enabling stored XSS. Affected: versions before 1.2.4; root cause: unescaped rendering of input in backend...
Privilege escalation
CSZ CMS v1.2.4 was discovered to contain an arbitrary file upload vulnerability in the component /core/MYSecurity.php...
Potential API key leak
If a user is actively blackholing the location or weather APIs, or those APIs become otherwise unavailable, it is possible for the API keys to get leaked to the active IRC channel. This is patched in v1.2.4...
GHSA-63RQ-P8FP-524Q Potential API key leak
If a user is actively blackholing the location or weather APIs, or those APIs become otherwise unavailable, it is possible for the API keys to get leaked to the active IRC channel. This is patched in v1.2.4...
Apache Shiro 1.2.4 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download. Current source: https://github.com/rapid7/metasploit-framework. Module name: 'Apache Shiro v1.2.4 Cookie RememberME Deserial RCE'. Description: This vulnerability allows remote attackers to execute arbitrary code on...
Apache Shiro v1.2.4 Cookie RememberME Deserial RCE
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache Shiro v1.2.4. Note that other versions of Apache Shiro may also be exploitable if the encryption key used by Shiro to encrypt rememberMe cookies is known. This module requires Metasploit:...