Lucene search

K

Cotonti Security Vulnerabilities

cve

A stored cross-site scripting (XSS) vulnerability in the Edit Page function of Cotonti CMS v0.9.24 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted...

5.4CVSS

5.1AI Score

0.0004EPSS

2024-02-08 08:15 PM

15

cve

SQL injection vulnerability in modules/rss/rss.php in Cotonti before 0.9.14 allows remote attackers to execute arbitrary SQL commands via the "c" parameter to...

8.4AI Score

0.105EPSS

2022-10-03 04:14 PM

24

cve

Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum...

4.8CVSS

4.7AI Score

0.001EPSS

2022-09-05 06:15 AM

26

4

cve

Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message...

4.8CVSS

4.7AI Score

0.001EPSS

2022-09-05 06:15 AM

22

5