CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site scripting XSS vulnerability in the searchcontroller in X3 CMS 0.5.1 and 0.5.1.1 allows remote authenticated users to inject arbitrary web script or HTML via the search parameter...

3.5CVSS5.3AI score0.00185EPSS

Exploits1References2

NVD•added 2014/12/03 6:59 p.m.•10 views

CVE-2014-8771

Multiple cross-site request forgery CSRF vulnerabilities in the admin area in X3 CMS 0.5.1 and 0.5.1.1 allow remote attackers to hijack the authentication of administrators via unspecified vectors...

6.8CVSS7.2AI score0.00121EPSS

Exploits1References2

Prion•added 2014/12/03 6:59 p.m.•8 views

Cross site scripting

Cross-site scripting XSS vulnerability in the searchcontroller in X3 CMS 0.5.1 and 0.5.1.1 allows remote authenticated users to inject arbitrary web script or HTML via the search parameter...

3.5CVSS5.7AI score0.00185EPSS

Exploits1References2Affected Software1

Prion•added 2014/12/03 6:59 p.m.•9 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the admin area in X3 CMS 0.5.1 and 0.5.1.1 allow remote attackers to hijack the authentication of administrators via unspecified vectors...

6.8CVSS7.8AI score0.00121EPSS

Exploits1References2Affected Software1

Cvelist•added 2014/12/03 6:0 p.m.•12 views

CVE-2014-8771

Multiple cross-site request forgery CSRF vulnerabilities in the admin area in X3 CMS 0.5.1 and 0.5.1.1 allow remote attackers to hijack the authentication of administrators via unspecified vectors...

7.2AI score0.00121EPSS

Exploits1References2

CVE•added 2014/12/03 6:0 p.m.•38 views

CVE-2014-8772

The CVE CVE-2014-8772 affects X3 CMS versions 0.5.1 and 0.5.1.1. The vulnerability is a Cross-site scripting (XSS) issue in the search_controller that allows remote authenticated users to inject arbitrary web script or HTML via the search parameter. The NVD entry lists a CVSS2 base score of 3.5 (...

3.5CVSS5.5AI score0.00185EPSS

Exploits1References2Affected Software1

CVE•added 2014/12/03 6:0 p.m.•32 views

CVE-2014-8771

CVE-2014-8771 affects X3 CMS versions 0.5.1 and 0.5.1.1, with multiple CSRF vulnerabilities in the admin area that allow remote attackers to hijack administrator authentication via unspecified vectors. Exploitation details are not provided in the available documents. The entry’s CVSS assessment i...

6.8CVSS7.4AI score0.00121EPSS

Exploits1References2Affected Software1

Packet Storm•added 2014/11/10 12:0 a.m.•40 views

X3 CMS 0.5.1.1 Cross Site Request Forgery / Cross Site Scripting

Product: X3 CMS 0.5.1 & 0.5.1.1 Vendor: X3 CMS Vulnerable Versions: 0.5.1 and 0.5.1.1 Tested Version: 0.5.1.1 Vendor Notification: 2 Nov , 2014 Vendor Patch: 7 Nov, 2014 Advisory Publication: 8 Nov, 2014 Public Disclosure: 8 November , 2014 Vulnerability Type: CSRF + Reflected Cross Site Scriptin...

0.4AI score

Exploits0

0day.today•added 2014/11/10 12:0 a.m.•42 views

X3 CMS 0.5.1.1 Cross Site Request Forgery / Cross Site Scripting Vulnerabilities

X3 CMS versions 0.5.1 and 0.5.1.1 suffer from cross site request forgery and cross site scripting vulnerabilities. Product: X3 CMS 0.5.1 & 0.5.1.1 Vendor: X3 CMS Vulnerable Versions: 0.5.1 and 0.5.1.1 Tested Version: 0.5.1.1 Vendor Notification: 2 Nov , 2014 Vendor Patch: 7 Nov, 2014 Advisory...

6.9AI score

Exploits0

NVD•added 2013/01/31 5:44 a.m.•11 views

CVE-2011-5255

Multiple cross-site scripting XSS vulnerabilities in admin/login in X3 CMS 0.4.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO, 2 username, or 3 password parameter...

4.3CVSS6AI score0.00619EPSS

Exploits1References9

CVE•added 2013/01/31 2:0 a.m.•39 views

CVE-2011-5255

CVE-2011-5255 corresponds to multiple XSS weaknesses in X3 CMS, affecting admin/login for version 0.4.3.1 and earlier. The vulnerability allows remote attackers to inject arbitrary web script or HTML via PATH_INFO, username, or password parameters. Reports in the connected documents confirm the a...

4.3CVSS6AI score0.00619EPSS

Exploits1References9Affected Software1

Cvelist•added 2013/01/31 2:0 a.m.•11 views

CVE-2011-5255

6AI score0.00619EPSS

Exploits1References9

Packet Storm•added 2012/02/18 12:0 a.m.•17 views

X3 CMS 0.4.3.1 Cross Site Scripting

Exploit Title: X3 CMS 0.4.3.1 Xss Vulnerability Date: 17.02.2012 Author: l20ot Software Link: http://www.x3cms.net/ Web Browser : Mozilla Firefox Blog : http://www.twitter.com/l20ot ------------------------------------------------------ X3Cms is a simple and powerful content manager system...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by