RSS   Vulnerabilities for 'Maccms'   RSS

2022-06-21
 
CVE-2022-31302

CWE-79
 
 
maccms8 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Server Group text field.

 
 
CVE-2022-31303

CWE-79
 
 
maccms10 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Server Group text field.

 
2022-03-31
 
CVE-2021-43707

CWE-79
 
 
Cross Site Scripting (XSS) vulnerability exists in Maccms v10 via link_Name parameter.

 
2022-03-25
 
CVE-2022-26573

CWE-79
 
 
Maccms v10 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/art/data.html via the select and input parameters.

 
 
CVE-2022-27884

CWE-79
 
 
Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/plog/index.html via the wd parameter.

 
 
CVE-2022-27885

CWE-79
 
 
Maccms v10 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/website/data.html via the select and input parameters.

 
 
CVE-2022-27886

CWE-79
 
 
Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/ulog/index.html via the wd parameter.

 
 
CVE-2022-27887

CWE-79
 
 
Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/vod/data.html via the repeat parameter.

 
2022-03-16
 
CVE-2021-45786

CWE-287
 
 
In maccms v10, an attacker can log in through /index.php/user/login in the "col" and "openid" parameters to gain privileges.

 
 
CVE-2021-45787

CWE-79
 
 
There is a stored Cross Site Scripting (XSS) vulnerability in maccms v10 through adding videos. XSS code can be inserted at parameter positions including name and remarks.

 

Copyright 2024, cxsecurity.com

 

Back to Top