Cross Site Scripting vulnerability in CSZ CMS v.1.3.0 allows a remote attacker to execute arbitrary code via the Default Keyword field in the settings function.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-19
Updated
2024-04-19
A Cross Site Scripting vulnerability in CSZ CMS v.1.3.0 allows an attacker to execute arbitrary code via a crafted script to the Site Name fields of the Site Settings component.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-03-01
Updated
2024-03-01
Stupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via /update-article.php.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-03-01
Updated
2024-03-01
Stupid Simple CMS 1.2.4 is vulnerable to Cross Site Scripting (XSS) within the blog title of the settings.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-03-01
Updated
2024-03-01
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_translation.php
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-02-22
Updated
2024-02-22
Cross-site scripting (XSS) vulnerability in plugins/jojo_core/forgot_password.php in Jojo before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter to forgot-password/.
Max CVSS
4.3
EPSS Score
0.18%
Published
2014-06-09
Updated
2017-08-29
SQL injection vulnerability in the checkEmailFormat function in plugins/jojo_core/classes/Jojo.php in Jojo before 1.2.2 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header to /articles/test/.
Max CVSS
7.5
EPSS Score
0.08%
Published
2014-06-09
Updated
2017-08-29
7 vulnerabilities found