Blackcat Cms Security Vulnerabilities and Issues — Blackcat Cms CVE List

Lucene search

Blackcat-cmsBlackcat Cms

5 matches found

CVE•added 2021/07/09 10:15 p.m.•57 views

CVE-2020-25878

A stored cross site scripting (XSS) vulnerability in the 'Admin-Tools' feature of BlackCat CMS 1.3.6 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads entered into the 'Output Filters' and 'Droplets' modules.

4.8CVSS5AI score0.00224EPSS

CVE•added 2015/07/14 4:59 p.m.•41 views

CVE-2015-5521

Cross-site scripting (XSS) vulnerability in BlackCat CMS 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the name in a new group to backend/groups/index.php.

4.8CVSS5AI score0.00073EPSS

CVE•added 2021/02/16 7:15 p.m.•33 views

CVE-2021-27237

The admin panel in BlackCat CMS 1.3.6 allows stored XSS (by an admin) via the Display Name field to backend/preferences/ajax_save.php.

4.8CVSS4.8AI score0.0034EPSS

CVE•added 2018/06/14 4:29 p.m.•29 views

CVE-2018-10821

Cross-site scripting (XSS) vulnerability in backend/pages/modify.php in BlackCatCMS 1.3 allows remote authenticated users with the Admin role to inject arbitrary web script or HTML via the search panel.

4.8CVSS4.7AI score0.00244EPSS

CVE•added 2014/09/12 2:55 p.m.•25 views

CVE-2014-5259

Cross-site scripting (XSS) vulnerability in cattranslate.php in the CatTranslate JQuery plugin in BlackCat CMS 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

4.3CVSS5.8AI score0.00421EPSS