Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
TribalsystemsZenario8.8.52729

3 matches found

CVE
CVEadded 2021/04/16 6:15 p.m.100 views

CVE-2021-26830

SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. This is accomplished via the ID input field of ajax.php in the Pugin library - delete module.

9.1CVSS9.5AI score0.01093EPSS
CVE
CVEadded 2021/04/15 2:15 p.m.76 views

CVE-2021-27673

Cross Site Scripting (XSS) in the "admin_boxes.ajax.php" component of Tribal Systems Zenario CMS v8.8.52729 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "cID" parameter when creating a new HTML component.

4.8CVSS5.3AI score0.00228EPSS
CVE
CVEadded 2021/04/15 2:15 p.m.62 views

CVE-2021-27672

SQL Injection in the "admin_boxes.ajax.php" component of Tribal Systems Zenario CMS v8.8.52729 allows remote attackers to obtain sesnitive database information by injecting SQL commands into the "cID" parameter when creating a new HTML component.

4.9CVSS5.5AI score0.00216EPSS