Produkt Dilicms (...) - CVEMAP.ORG

Podatności dla 'Dilicms'

2019-03-07

CVE-2019-8440

CWE-79

An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulnerability in the third textbox (aka site logo) of "System setting->site setting" of admin/index.php, aka site_logo.

CVE-2019-8439

CWE-79

An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulnerability in the second textbox of "System setting->site setting" of admin/index.php, aka site_domain.

CVE-2019-8438

CWE-79

An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulnerability in the first textbox of "System setting->site setting" of admin/index.php, aka site_name.

2018-11-15

CVE-2018-19291

CWE-352

An issue was discovered in DiliCMS 2.4.0. There is a CSRF vulnerability that can delete a user or group via an admin/index.php/user/del/1 or admin/index.php/role/del/2 URI.

2018-10-10

CVE-2018-18210

CWE-79

XSS exists in DiliCMS 2.4.0 via the admin/index.php/setting/site?tab=site_attachment attachment_url parameter.

CVE-2018-18209

CWE-79

XSS exists in DiliCMS 2.4.0 via the admin/index.php/setting/site?tab=site_attachment attachment_type parameter.

2018-04-26

CVE-2018-10430

CWE-79

An issue was discovered in DiliCMS (aka DiligentCMS) 2.4.0. There is a Stored XSS Vulnerability in the fourth textbox of "System setting->site setting" of admin/index.php.

Copyright 2024, cxsecurity.com