Page 29 of 201 results (0.009 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

An issue was discovered in CMS MaeloStore V.1.5.0. There is a CSRF vulnerability that can change the administrator password via admin/modul/users/aksi_users.php?act=update. Se ha descubierto un problema en CMS MaeloStore V.1.5.0. Hay una vulnerabilidad CSRF que puede cambiar la contraseña del administrador mediante admin modul users aksi_users.php? • https://github.com/maelosoki/MaeloStore/issues/1 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1

An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the site name in the "Categories" menu. Se ha descubierto un problema en Victor CMS hasta el 10/05/2018. Hay Cross-Site Scripting (XSS) mediante el nombre del sitio en el menú "Categories". • https://github.com/VictorAlagwu/CMSsite/issues/3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

Complete Responsive CMS Blog through 2018-05-20 has XSS via a comment. Complete Responsive CMS Blog hasta el 20/05/2018 tiene Cross-Site Scripting (XSS) mediante un comentario. • https://github.com/dusaurabh/PHP/issues/1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1

Frog CMS 0.9.5 has stored XSS via /admin/?/plugin/comment/settings. Frog CMS 0.9.5 tiene Cross-Site Scripting (XSS) persistente mediante /admin/?/plugin/comment/settings. • https://github.com/philippe/FrogCMS/issues/14 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 2

Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save. Frog CMS 0.9.5 tiene una vulnerabilidad de subida que puede crear archivos mediante /admin/?/plugin/file_manager/save. • https://github.com/snappyJack/CVE-2018-16373 https://github.com/philippe/FrogCMS/issues/13 • CWE-434: Unrestricted Upload of File with Dangerous Type •