CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component...

6.1CVSS7.1AI score0.91079EPSS

Exploits16References1

GithubExploit•added 2024/12/22 11:53 a.m.•498 views

Exploit for Cross-site Scripting in Wondercms

CVE-2023-41425 CVE-2023-41425 is a reflected XSS vulnerabilit...

6.1CVSS6.8AI score0.91079EPSS

Exploits16

GithubExploit•added 2024/09/03 9:59 a.m.•333 views

Exploit for Cross-site Scripting in Wondercms

https://sploitus.com/exploit?id=3A833277-4844-5F02-AFEF-5EA6B...

6.1CVSS6AI score0.91079EPSS

Exploits16

GithubExploit•added 2024/08/27 4:10 p.m.•477 views

Exploit for Cross-site Scripting in Wondercms

CVE-2023-41425-wonderCMSRCE Cross Site Scripting vulnerabilit...

6.1CVSS6.3AI score0.91079EPSS

Exploits16

NVD•added 2023/11/07 4:15 p.m.•25 views

CVE-2023-41425

Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component...

6.1CVSS0.91079EPSS

Exploits16References4

OSV•added 2023/11/07 4:15 p.m.•15 views

CVE-2023-41425

Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component...

6.1CVSS7.2AI score

Exploits0References4

Prion•added 2023/11/07 4:15 p.m.•18 views

Cross site scripting

Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component...

5.8CVSS7.3AI score0.91079EPSS

Exploits16References2Affected Software1

Vulnrichment•added 2023/11/07 12:0 a.m.•95 views

CVE-2023-41425

Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component...

7.1AI score0.91079EPSS

Exploits16References2

CVE•added 2023/11/07 12:0 a.m.•223 views

CVE-2023-41425

CVE-2023-41425 (WonderCMS) affects WonderCMS versions 3.2.0–3.4.2. The vulnerability is an XSS/authenticated file upload flaw in the installModule pathway that enables an attacker to upload a crafted script, which can subsequently execute arbitrary code on the server (RCE). Connected exploits des...

6.1CVSS6.3AI score0.91079EPSS

Exploits16References4Affected Software1

Cvelist•added 2023/11/07 12:0 a.m.•15 views

CVE-2023-41425

Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component...

6.5AI score0.91079EPSS

Exploits16References2

Positive Technologies•added 2023/08/30 12:0 a.m.•4 views

PT-2023-6828 · Wondercms · Wondercms

Name of the Vulnerable Software and Affected Versions: Wonder CMS versions 3.2.0 through 3.4.2 Description: The issue is related to a Cross Site Scripting vulnerability that allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component. This...

10CVSS6.8AI score0.91079EPSS

Exploits16References24

0day.today•added 2018/02/05 12:0 a.m.•29 views

Wonder CMS 2.3.1 - Unrestricted File Upload Vulnerability

Exploit for php platform in category web applications Affected Code: public static function uploadFile + - if ! wCMS::$loggedIn && ! isset$FILES'uploadFile' && ! isset$REQUEST'token' return; + private static function uploadFileAction - if isset$REQUEST'token' && $REQUEST'token' ==...

7.1AI score

Exploits0

Packet Storm•added 2018/02/05 12:0 a.m.•39 views

Wonder CMS 2.3.1 File Upload

Affected Code: public static function uploadFile + - if ! wCMS::$loggedIn && ! isset$FILES'uploadFile' && ! isset$REQUEST'token' return; + private static function uploadFileAction - if isset$REQUEST'token' && $REQUEST'token' == wCMS::generateToken && isset$FILES'uploadFile' Proof of Concept Steps...

6.5CVSS8.7AI score0.03643EPSS

Exploits2

Exploit DB•added 2018/02/05 12:0 a.m.•47 views

Wonder CMS 2.3.1 - 'Host' Header Injection

Exploit Title: Wonder CMS 2.3.1 Host Header Injection Date: 30-01-2018 Exploit Author: Samrat Das Contact: http://twitter.com/SamratDas93 Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://www.wondercms.com/ Version: 2.3.1 CVE : CVE-2017-14523 Category: Webapp CMS 1...

7.5CVSS7.6AI score0.11226EPSS

Exploits5

exploitpack•added 2018/02/05 12:0 a.m.•23 views

Wonder CMS 2.3.1 - Host Header Injection

Wonder CMS 2.3.1 - Host Header Injection Exploit Title: Wonder CMS 2.3.1 Host Header Injection Date: 30-01-2018 Exploit Author: Samrat Das Contact: http://twitter.com/SamratDas93 Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://www.wondercms.com/ Version: 2.3.1 CVE :...

5CVSS0.11226EPSS

Exploits5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by