Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
ThinutechThinu-cms

3 matches found

CVE
CVEadded 2023/07/06 6:0 p.m.38 views

CVE-2023-3528

CVE-2023-3528 affects ThinuTech ThinuCMS 1.5. The vulnerability is a SQL injection in the file /category.php triggered by manipulating the cat_id parameter. Exploitation could be remote. The issue is described as critical in several sources. A reported mitigation/workaround is to restrict access ...

9.8CVSS8.2AI score0.00418EPSS
CVE
CVEadded 2023/07/07 4:0 p.m.38 views

CVE-2023-3542

ThinuTech ThinuCMS 1.5 is affected by a cross-site scripting vulnerability in the /contact.php handler. The issue arises from the manipulation of the name/body arguments, enabling XSS in certain unknown functionality. The vulnerability is remotely exploitable (attack vector: network) with user in...

6.1CVSS4.4AI score0.00312EPSS
Web
CVE
CVEadded 2023/07/07 3:31 p.m.33 views

CVE-2023-3541

CVE-2023-3541 affects ThinuTech ThinuCMS 1.5. The vulnerability is a Cross-Site Scripting (XSS) in the /author_posts.php file, triggered by manipulating the author parameter (example: g6g12o8sdm). Documents consistently describe remote feasibility and the specific vector, with /author_posts.php b...

6.1CVSS4.8AI score0.00312EPSS