Lucene search
K

5 matches found

Prion
Prion
added 2018/01/26 8:29 p.m.19 views

Input validation

DISPUTED In WonderCMS 2.3.1, the application's input fields accept arbitrary user input resulting in execution of malicious JavaScript. NOTE: the vendor disputes this issue stating that this is a feature that enables only a logged in administrator to write execute JavaScript anywhere on their...

4.3CVSS6.5AI score0.01197EPSS
Exploits2References1Affected Software1
NVD
NVD
added 2018/01/26 8:29 p.m.15 views

CVE-2017-14521

In WonderCMS 2.3.1, the upload functionality accepts random application extensions and leads to malicious File Upload...

8.8CVSS8.7AI score0.07299EPSS
Exploits2References2
Prion
Prion
added 2018/01/26 8:29 p.m.14 views

Design/Logic Flaw

In WonderCMS 2.3.1, the upload functionality accepts random application extensions and leads to malicious File Upload...

6.5CVSS8.6AI score0.07299EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2018/01/26 8:29 p.m.12 views

CVE-2017-14521

In WonderCMS 2.3.1, the upload functionality accepts random application extensions and leads to malicious File Upload...

8.8CVSS7.1AI score
Exploits0References2
Cvelist
Cvelist
added 2018/01/26 8:0 p.m.22 views

CVE-2017-14522

In WonderCMS 2.3.1, the application's input fields accept arbitrary user input resulting in execution of malicious JavaScript. NOTE: the vendor disputes this issue stating that this is a feature that enables only a logged in administrator to write execute JavaScript anywhere on their website...

6.5AI score0.01197EPSS
Exploits2References1
Rows per page
Query Builder