Minicms Security Vulnerabilities and Issues — Minicms CVE List

Lucene search

1234nMinicms

5 matches found

CVE•added 2019/07/05 3:16 p.m.•294 views

CVE-2019-13339

In MiniCMS V1.10, stored XSS was found in mc-admin/page-edit.php (content box), which can be used to get a user's cookie.

4.8CVSS4.7AI score0.00219EPSS

CVE•added 2019/07/05 3:16 p.m.•289 views

CVE-2019-13341

In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php (comment box), which can be used to get a user's cookie.

4.8CVSS4.7AI score0.00219EPSS

CVE•added 2019/07/05 3:16 p.m.•277 views

CVE-2019-13340

In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via the content box. An attacker can use it to get a user's cookie. This is different from CVE-2018-10296, CVE-2018-16233, CVE-2018-20520, and CVE-2019-13186.

4.8CVSS5.1AI score0.0024EPSS

CVE•added 2019/07/03 5:15 p.m.•66 views

CVE-2019-13186

In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via the tags box. An attacker can use it to get a user's cookie. This is different from CVE-2018-10296, CVE-2018-16233, and CVE-2018-20520.

6.1CVSS5.1AI score0.0024EPSS

CVE•added 2019/03/06 7:29 p.m.•45 views

CVE-2019-9603

MiniCMS 1.10 allows mc-admin/post.php?state=publish&delete= CSRF to delete articles, a different vulnerability than CVE-2018-18891.

6.5CVSS6.8AI score0.0038EPSS