![]() ![]() Webiny is an open-source serverless enterprise CMS. This is a react component to render data coming from Webiny Headless CMS and Webiny Form Builder. shtml before 5.37.2 allows XSS attacks by content managers. Multiple cross-site scripting (XSS) vulnerabilities in install/index.php of CSZ CMS v1.3.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Database Username or Database Host parameters.Īn arbitrary file upload vulnerability in the Upload Asset function of Cockpit CMS v2.6.3 allows attackers to execute arbitrary code via uploading a crafted. VDB-238058 is the identifier assigned to this vulnerability. ![]() The manipulation of the argument filter/filter leads to cross site scripting. Affected by this issue is some unknown functionality of the file /search. The associated identifier of this vulnerability is VDB-238059.Ī vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It is possible to initiate the attack remotely. The manipulation of the argument filter leads to sql injection. This affects an unknown part of the file /search of the component GET Parameter Handler. ![]() NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Ī vulnerability classified as critical has been found in SPA-Cart eCommerce CMS 1.9.0.3. The identifier of this vulnerability is VDB-238632. The exploit has been disclosed to the public and may be used. The exploitability is told to be difficult. The complexity of an attack is rather high. It is possible to launch the attack remotely. The manipulation leads to files or directories accessible. Affected is an unknown function of the file /upload/ueditorConfig?action=config. A vulnerability was found in Dreamer CMS up to 4.1.3. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |