W3bcms : Security Vulnerabilities, CVEs,
Multiple unspecified vulnerabilities in the admin backend in w3b>cms (aka w3blabor CMS) before 3.2.0 have unknown impact and remote attack vectors.
Max CVSS
10.0
EPSS Score
0.69%
Published
2009-02-17
Updated
2017-08-17
SQL injection vulnerability in includes/module/book/index.inc.php in w3b|cms Gaestebuch Guestbook Module 3.0.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the spam_id parameter.
Max CVSS
6.8
EPSS Score
0.19%
Published
2009-07-07
Updated
2017-09-19
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_translation.php
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-02-22
Updated
2024-02-22
Stupid Simple CMS 1.2.4 is vulnerable to Cross Site Scripting (XSS) within the blog title of the settings.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-03-01
Updated
2024-03-01
Stupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via /update-article.php.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-03-01
Updated
2024-03-01
5 vulnerabilities found