RSS   Vulnerabilities for
'Generic content management system'
   RSS

2018-12-30
 
CVE-2018-20590

CWE-79
 

 
Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 has XSS via the Administrator/users.php user ID.

 
 
CVE-2018-20589

CWE-79
 

 
Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 has XSS via the Administrator/add_pictures.php article ID.

 
2018-12-28
 
CVE-2018-20569

CWE-89
 

 
user/index.php in Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 allows SQL injection for authentication bypass.

 
 
CVE-2018-20568

CWE-89
 

 
Administrator/index.php in Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 allows SQL injection for authentication bypass.

 


Copyright 2024, cxsecurity.com

 

Back to Top