Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
InstantcmsInstantcms

3 matches found

CVE
CVEadded 2024/04/04 11:15 p.m.48 views

CVE-2024-31212

InstantCMS is a free and open source content management system. A SQL injection vulnerability affects instantcms v2.16.2 in which an attacker with administrative privileges can cause the application to execute unauthorized SQL code. The vulnerability exists in index_chart_data action, which receive...

7.2CVSS6.8AI score0.00272EPSS
CVE
CVEadded 2024/10/29 11:15 p.m.43 views

CVE-2024-50348

InstantCMS is a free and open source content management system. In photo upload function in the photo album page there is no input validation taking place. Due to this attackers are able to inject the XSS (Cross Site Scripting) payload and execute. This vulnerability is fixed in 2.16.3.

5.4CVSS5.2AI score0.00169EPSS
CVE
CVEadded 2024/04/05 3:15 p.m.42 views

CVE-2024-31213

InstantCMS is a free and open source content management system. An open redirect was found in the ICMS2 application version 2.16.2 when being redirected after modifying one's own user profile. An attacker could trick a victim into visiting their web application, thinking they are still present on t...

5.4CVSS4AI score0.00225EPSS