Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CreatiwityWitycms

4 matches found

CVE
CVEadded 2018/07/13 2:29 a.m.49 views

CVE-2018-14029

CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field.

8.8CVSS8.4AI score0.00245EPSS
CVE
CVEadded 2018/05/28 1:29 p.m.47 views

CVE-2018-11512

Stored cross-site scripting (XSS) vulnerability in the "Website's name" field found in the "Settings" page under the "General" menu in Creatiwity wityCMS 0.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted website name by doing an authenticated POST HTTP request to ad...

4.8CVSS4.7AI score0.0025EPSS
CVE
CVEadded 2018/06/08 12:29 p.m.32 views

CVE-2018-12065

A Local File Inclusion vulnerability in /system/WCore/WHelper.php in Creatiwity wityCMS 0.6.2 allows remote attackers to include local PHP files (execute PHP code) or read non-PHP files by replacing a helper.json file.

9.8CVSS9AI score0.00769EPSS
CVE
CVEadded 2018/09/10 4:29 a.m.24 views

CVE-2018-16776

wityCMS 0.6.2 has XSS via the "Site Name" field found in the "Contact" "Configuration" page.

4.8CVSS4.8AI score0.00235EPSS