CVE-2020-18414

Stored cross site scripting XSS vulnerability in Chaoji CMS v2.18 that allows attackers to execute arbitrary code via /index.php?admin-master-webset...

Cross site scripting

Stored cross site scripting XSS vulnerability in Chaoji CMS v2.18 that allows attackers to execute arbitrary code via /index.php?admin-master-webset...

CVE-2020-18413

Stored cross site scripting XSS vulnerability in /index.php?admin-master-navmenu-add of Chaoji CMS v2.18 that allows attackers to execute arbitrary code...

CVE-2020-18413

CVE-2020-18413 is a stored XSS vulnerability in Chaoji CMS v2.18 affecting the endpoint /index.php?admin-master-navmenu-add . Exploitation from this flaw could allow an attacker to execute arbitrary code within the context of the affected CMS. Multiple sources corroborate the issue and describe t...

CVE-2020-18414

Stored cross site scripting XSS vulnerability in Chaoji CMS v2.18 that allows attackers to execute arbitrary code via /index.php?admin-master-webset...

CVE-2020-18414

Stored cross site scripting XSS vulnerability in Chaoji CMS v2.18 that allows attackers to execute arbitrary code via /index.php?admin-master-webset...

Stack overflow

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...

CVE-2022-35147

DoraCMS v2.18 and earlier allows attackers to bypass login authentication via a crafted HTTP request...

Cross site request forgery (csrf)

DoraCMS v2.18 and earlier allows attackers to bypass login authentication via a crafted HTTP request...

CVE-2022-35147

DoraCMS v2.18 and earlier has an authentication bypass vulnerability (CVE-2022-35147). The issue allows an attacker to bypass login via a crafted HTTP request, enabling unauthorized access. Affected software is DoraCMS, versions up to 2.18; root cause involves bypassing authentication logic. Impa...