RSS   Vulnerabilities for 'Composr cms'   RSS

2021-08-16
 
CVE-2021-38708

CWE-79
 

 
In ocProducts Composr CMS before 10.0.38, an attacker can inject JavaScript via Comcode for XSS.

 
2021-01-26
 
CVE-2020-35310

CWE-79
 

 
Composr CMS 10.0.34 is affected by cross-site scripting (XSS) which allows remote attackers to inject an arbitrary web script or HTML via Add Banners in the Description field.

 
2018-04-26
 
CVE-2018-6518

CWE-79
 

 
Composr CMS 10.0.13 has XSS via the site_name parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top