Cotonti Siena Security Vulnerabilities and Issues — Cotonti Siena CVE List

Lucene search

CotontiCotonti Siena

4 matches found

CVE•added 2013/08/09 9:55 p.m.•38 views

CVE-2013-4789

SQL injection vulnerability in modules/rss/rss.php in Cotonti before 0.9.14 allows remote attackers to execute arbitrary SQL commands via the "c" parameter to index.php.

7.5CVSS8.4AI score0.01867EPSS

CVE•added 2022/09/05 6:15 a.m.•37 views

CVE-2022-39839

Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post.

4.8CVSS4.7AI score0.001EPSS

CVE•added 2022/09/05 6:15 a.m.•35 views

CVE-2022-39840

Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message (DM).

4.8CVSS4.7AI score0.00081EPSS

CVE•added 2025/06/02 4:15 p.m.•35 views

CVE-2025-44115

A vulnerability has been found in Cotonti Siena v0.9.25. Affected by this vulnerability is the file /admin.php?m=config&n=edit&o=core&p=title. The manipulation of the value of title leads to cross-site scripting.

5.4CVSS6.5AI score0.00034EPSS