2 matches found
CVE-2020-15600
CVE-2020-15600 affects CMSUno versions prior to 1.6.1. The vulnerability is a cross-site request forgery in uno.php that allows an attacker to change the admin password. Several connected sources corroborate the issue and point to exposure in CMSUno before 1.6.1, with PoC examples and references ...
CVE-2018-15567
CMSUno before 1.5.3 is vulnerable to a cross-site scripting (XSS) issue in the title field. The vulnerability is described as XSS via the title field, affecting versions prior to 1.5.3. Exploitation details, impacted components beyond the title field, and remediation steps are not provided in the...