CVE-2022-25582
CVE-2022-25582 describes a stored cross-site scripting (XSS) vulnerability in the ClassCMS Column module, affecting v2.5 and earlier. The root cause is insufficient validation/filtering of user-supplied data in the Add Articles field, allowing an attacker to inject arbitrary script or HTML that i...
CVE-2022-45966
CVE-2022-45966 affects ClassCMS 3.5, describing an arbitrary file upload vulnerability in the file management function/module. The issue is rooted in the file upload handling (improper validation/verification) and is rated CVSSv3.1 9.8 (Network, High privileges not required, no user interaction) ...
CVE-2024-6932
CVE-2024-6932 affects ClassCMS 4.5. The vulnerability is a cross-site scripting issue in an unknown functionality of the file /admin/?action=home&do=shop:index&keyword=&kind=all, caused by manipulation of the order parameter. The attack can be launched remotely and the exploit has been disclosed ...