Lucene search

Csphere Security Vulnerabilities

cve

CVE-2022-43119

A cross-site scripting (XSS) vulnerability in Clansphere CMS v2011.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username...

6.1CVSS

5.8AI Score

0.001EPSS

2022-11-09 04:15 PM

cve

CVE-2011-3714

ClanSphere 2010.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by...

6.3AI Score

0.003EPSS

2022-10-03 04:15 PM

cve

CVE-2021-27309

Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "module"...

6.1CVSS

6AI Score

0.001EPSS

2021-03-23 02:15 PM

cve

CVE-2021-27310

Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "language"...

6.1CVSS

6AI Score

0.001EPSS

2021-03-23 02:15 PM

cve

CVE-2014-100010

Cross-site scripting (XSS) vulnerability in ClanSphere 2011.4 allows remote attackers to inject arbitrary web script or HTML via the where parameter in a list action to...

5.8AI Score

0.003EPSS

2015-01-13 11:59 AM

cve

CVE-2010-1865

Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the IP address to the cs_getip function in generate.php in the Captcha module, or (2) the s_email parameter to the cs_sql_select function in the MySQL database....

8.8AI Score

0.003EPSS

2010-05-07 11:00 PM