Cotonti Cotonti Siena : Security vulnerabilities, CVEs

Copy

CVE-2022-39840

Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message (DM).

Max CVSS

4.8

EPSS Score

0.06%

Published

2022-09-05

Updated

2022-09-08

CVE-2022-39839

Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post.

Max CVSS

4.8

EPSS Score

0.06%

Published

2022-09-05

Updated

2022-09-08

CVE-2013-4789

SQL injection vulnerability in modules/rss/rss.php in Cotonti before 0.9.14 allows remote attackers to execute arbitrary SQL commands via the "c" parameter to index.php.

Max CVSS

7.5

EPSS Score

9.02%

Published

2013-08-09

Updated

2013-08-13

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!