Alanzard : Security Vulnerabilities, CVEs,

CVE-2024-27734

A Cross Site Scripting vulnerability in CSZ CMS v.1.3.0 allows an attacker to execute arbitrary code via a crafted script to the Site Name fields of the Site Settings component.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-03-01
Updated
2024-03-01

CVE-2024-27689

Stupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via /update-article.php.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-03-01
Updated
2024-03-01

CVE-2024-27558

Stupid Simple CMS 1.2.4 is vulnerable to Cross Site Scripting (XSS) within the blog title of the settings.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-03-01
Updated
2024-03-01

CVE-2024-26349

flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_translation.php
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-02-22
Updated
2024-02-22

CVE-2010-2675

Cross-site scripting (XSS) vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and 2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter in an articolo action.
Max CVSS
4.3
EPSS Score
0.21%
Published
2010-07-08
Updated
2010-07-16

CVE-2010-2674

SQL injection vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in an articolo action.
Max CVSS
7.5
EPSS Score
0.20%
Published
2010-07-08
Updated
2017-08-17
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close