CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4040 – dotCMS 3.x SQL Injection
https://notcve.org/view.php?id=CVE-2016-4040
SQL injection vulnerability in the Workflow Screen in dotCMS before 3.3.2 allows remote administrators to execute arbitrary SQL commands via the orderby parameter. Vulnerabilidad de inyección SQL en Workflow Screen en dotCMS en versiones anteriores a 3.3.2 permite a administradores remotos ejecutar comandos SQL arbitrarios a través del parámetro orderby. dotCMS versions before 3.5, 3.3.1, and 3.3.2 suffer from multiple remote SQL injection vulnerabilities. • http://dotcms.com/security/SI-36 https://github.com/dotCMS/core/commit/bc4db5d71dc67015572f8e4c6fdf87e29b854d02 https://github.com/dotCMS/core/issues/8840 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2016-3971
https://notcve.org/view.php?id=CVE-2016-3971
Cross-site scripting (XSS) vulnerability in lucene_search.jsp in dotCMS before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter to c/portal/layout. Vulnerabilidad de XSS en lucene_search.jsp en dotCMS en versiones anteriores a 3.5.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro query a c/portal/layout. • http://dotcms.com/security/SI-33 http://seclists.org/fulldisclosure/2016/Apr/37 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 1CVE-2016-3972
https://notcve.org/view.php?id=CVE-2016-3972
Directory traversal vulnerability in the dotTailLogServlet in dotCMS before 3.5.1 allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the fileName parameter. Vulnerabilidad de salto de directorio en el dotTailLogServlet en dotCMS en versiones anteriores a 3.5.1 permite a administradores remotos autenticados leer archivos arbitrarios a través de un .. (punto punto) en el parámetro fileName. • http://dotcms.com/security/SI-34 http://seclists.org/fulldisclosure/2016/Apr/36 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-3688 – DotCMS 3.3 SQL Injection
https://notcve.org/view.php?id=CVE-2016-3688
SQL injection vulnerability in dotCMS before 3.5 allows remote administrators to execute arbitrary SQL commands via the c0-e3 parameter to dwr/call/plaincall/UserAjax.getUsersList.dwr. Vulnerabilidad de inyección SQL en dotCMS en versiones anteriores a 3.5 permite a administradores remotos ejecutar comandos SQL arbitrarios a través del parámetro c0-e3 en dwr/call/plaincall/UserAjax.getUsersList.dwr. DotCMS version 3.3 suffers from a remote SQL injection vulnerability. • http://dotcms.com/security/SI-32 http://packetstormsecurity.com/files/136548/DotCMS-3.3-SQL-Injection.html http://seclists.org/fulldisclosure/2016/Apr/11 http://seclists.org/fulldisclosure/2016/Apr/5 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 1CVE-2013-3484
https://notcve.org/view.php?id=CVE-2013-3484
Multiple cross-site scripting (XSS) vulnerabilities in dotCMS before 2.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) _loginUserName parameter to application/login/login.html, (2) my_account_login parameter to c/portal_public/login, or (3) email parameter to forgotPassword. Múltiples vulnerabilidades de XSS en dotCMS anterior a 2.3.2 permiten a atacantes remotos inyectar script Web o HTML arbitrarios a través del (1) parámetro _loginUserName hacia application/login/login.html, (2) parámetro my_account_login hacia c/portal_public/login o (3) parámetro email hacia forgotPassword. • http://dotcms.com/security/SI-14 http://secunia.com/advisories/53265 https://github.com/dotCMS/dotCMS/issues/2949 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •