Lucene search
K

8 matches found

OSV
OSV
added 2022/02/28 11:15 p.m.19 views

CVE-2022-25410

Maxsite CMS v180 was discovered to contain a stored cross-site scripting XSS vulnerability via the parameter ffiledescription at /admin/files...

5.4CVSS5.9AI score
Exploits0References1
NVD
NVD
added 2022/02/28 11:15 p.m.10 views

CVE-2022-25412

Maxsite CMS v180 was discovered to contain multiple arbitrary file deletion vulnerabilities in /adminpage/all-files-update-ajax.php via the dir and deletefile parameters...

8.1CVSS0.01042EPSS
Exploits1References1
NVD
NVD
added 2022/02/28 11:15 p.m.11 views

CVE-2022-25410

Maxsite CMS v180 was discovered to contain a stored cross-site scripting XSS vulnerability via the parameter ffiledescription at /admin/files...

5.4CVSS0.00485EPSS
Exploits1References1
Prion
Prion
added 2022/02/28 11:15 p.m.6 views

Arbitrary file deletion

Maxsite CMS v180 was discovered to contain multiple arbitrary file deletion vulnerabilities in /adminpage/all-files-update-ajax.php via the dir and deletefile parameters...

5.5CVSS8.3AI score0.01042EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/02/28 11:15 p.m.12 views

Cross site scripting

Maxsite CMS v180 was discovered to contain a stored cross-site scripting XSS vulnerability via the parameter ffiledescription at /admin/files...

3.5CVSS5.3AI score0.00485EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/02/28 10:55 p.m.17 views

CVE-2022-25412

Maxsite CMS v180 was discovered to contain multiple arbitrary file deletion vulnerabilities in /adminpage/all-files-update-ajax.php via the dir and deletefile parameters...

8.5AI score0.01042EPSS
Exploits1References1
CVE
CVE
added 2022/02/28 10:55 p.m.85 views

CVE-2022-25412

Maxsite CMS v180 is affected by CVE-2022-25412 due to multiple arbitrary file deletion vulnerabilities in /admin_page/all-files-update-ajax.php. The root cause is lack of validation for the dir and deletefile parameters, enabling an attacker to delete arbitrary files. Exploitation details or in-t...

8.1CVSS8.3AI score0.01042EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/02/28 10:55 p.m.15 views

CVE-2022-25410

Maxsite CMS v180 was discovered to contain a stored cross-site scripting XSS vulnerability via the parameter ffiledescription at /admin/files...

5.5AI score0.00485EPSS
Exploits1References1
Rows per page
Query Builder