Filtered by vendor Wtcms Project
Subscribe
Search
Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-20343 | 1 Wtcms Project | 1 Wtcms | 2021-09-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| WTCMS 1.0 contains a cross-site request forgery (CSRF) vulnerability in the index.php?g=admin&m=nav&a=add_post component that allows attackers to arbitrarily add articles in the administrator background. | |||||
| CVE-2020-20344 | 1 Wtcms Project | 1 Wtcms | 2021-09-07 | 3.5 LOW | 5.4 MEDIUM |
| WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the keyword search function under the background articles module. | |||||
| CVE-2020-20345 | 1 Wtcms Project | 1 Wtcms | 2021-09-07 | 3.5 LOW | 5.4 MEDIUM |
| WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the page management background which allows attackers to obtain cookies via a crafted payload entered into the search box. | |||||
| CVE-2020-20347 | 1 Wtcms Project | 1 Wtcms | 2021-09-07 | 3.5 LOW | 5.4 MEDIUM |
| WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the source field under the article management module. | |||||
| CVE-2020-20348 | 1 Wtcms Project | 1 Wtcms | 2021-09-07 | 3.5 LOW | 5.4 MEDIUM |
| WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link field under the background menu management module. | |||||
| CVE-2020-20349 | 1 Wtcms Project | 1 Wtcms | 2021-09-07 | 3.5 LOW | 5.4 MEDIUM |
| WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link address field under the background links module. | |||||
| CVE-2019-16719 | 1 Wtcms Project | 1 Wtcms | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| WTCMS 1.0 allows index.php?g=admin&m=index&a=index CSRF with resultant XSS. | |||||
| CVE-2019-8911 | 1 Wtcms Project | 1 Wtcms | 2019-02-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in WTCMS 1.0. It has stored XSS via the third text box (for the website statistics code). | |||||