Catfish Cms Security Vulnerabilities and Issues — Catfish Cms CVE List

Lucene search

Catfish-cmsCatfish Cms

7 matches found

CVE•added 2021/06/23 7:15 p.m.•59 views

CVE-2020-23962

A cross site scripting (XSS) vulnerability in Catfish CMS 4.9.90 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "announcement_gonggao" parameter.

6.1CVSS6AI score0.0024EPSS

CVE•added 2018/04/11 5:29 p.m.•43 views

CVE-2018-10023

Catfish CMS V4.7.21 allows XSS via the pinglun parameter to cat/index/index/pinglun (aka an authenticated comment).

5.4CVSS5.1AI score0.0032EPSS

CVE•added 2018/10/29 12:29 p.m.•31 views

CVE-2018-18734

A CSRF issue was discovered in admin/Index/addmanageuser.html in Catfish CMS 4.8.30.

8.8CVSS8.6AI score0.00145EPSS

CVE•added 2018/10/29 12:29 p.m.•29 views

CVE-2018-18733

An XSS issue was discovered in Catfish CMS 4.8.30, related to "write source code," a similar issue to CVE-2018-13999.

5.4CVSS4.9AI score0.00235EPSS

CVE•added 2021/12/15 11:15 p.m.•28 views

CVE-2021-45017

Cross Site Request Forgery (CSRF) vulnerability exits in Catfish

8.8CVSS8.9AI score0.00122EPSS

CVE•added 2021/12/15 11:15 p.m.•28 views

CVE-2021-45018

Cross Site Scripting (XSS) vulnerability exists in Catfish

6.1CVSS5.9AI score0.00223EPSS

CVE•added 2018/07/12 12:29 p.m.•26 views

CVE-2018-13999

Catfish CMS v4.7.9 allows XSS via the admin/Index/write.html editorValue parameter (aka an article posted by an administrator).

4.8CVSS5AI score0.00235EPSS