CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17045
https://notcve.org/view.php?id=CVE-2018-17045
An issue was discovered in CMS MaeloStore V.1.5.0. There is a CSRF vulnerability that can change the administrator password via admin/modul/users/aksi_users.php?act=update. Se ha descubierto un problema en CMS MaeloStore V.1.5.0. Hay una vulnerabilidad CSRF que puede cambiar la contraseña del administrador mediante admin modul users aksi_users.php? • https://github.com/maelosoki/MaeloStore/issues/1 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-16775
https://notcve.org/view.php?id=CVE-2018-16775
An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the site name in the "Categories" menu. Se ha descubierto un problema en Victor CMS hasta el 10/05/2018. Hay Cross-Site Scripting (XSS) mediante el nombre del sitio en el menú "Categories". • https://github.com/VictorAlagwu/CMSsite/issues/3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2018-16780
https://notcve.org/view.php?id=CVE-2018-16780
Complete Responsive CMS Blog through 2018-05-20 has XSS via a comment. Complete Responsive CMS Blog hasta el 20/05/2018 tiene Cross-Site Scripting (XSS) mediante un comentario. • https://github.com/dusaurabh/PHP/issues/1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-16374
https://notcve.org/view.php?id=CVE-2018-16374
Frog CMS 0.9.5 has stored XSS via /admin/?/plugin/comment/settings. Frog CMS 0.9.5 tiene Cross-Site Scripting (XSS) persistente mediante /admin/?/plugin/comment/settings. • https://github.com/philippe/FrogCMS/issues/14 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 2CVE-2018-16373
https://notcve.org/view.php?id=CVE-2018-16373
Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save. Frog CMS 0.9.5 tiene una vulnerabilidad de subida que puede crear archivos mediante /admin/?/plugin/file_manager/save. • https://github.com/snappyJack/CVE-2018-16373 https://github.com/philippe/FrogCMS/issues/13 • CWE-434: Unrestricted Upload of File with Dangerous Type •