Filtered by vendor Maccms
Subscriptions
Filtered by product Maccms
Subscriptions
Total
29 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-35148 | 1 Maccms | 1 Maccms | 2024-08-03 | 6.5 Medium |
maccms10 v2021.1000.1081 to v2022.1000.3031 was discovered to contain a SQL injection vulnerability via the table parameter at database/columns.html. | ||||
CVE-2022-31302 | 1 Maccms | 1 Maccms | 2024-08-03 | 5.4 Medium |
maccms8 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Server Group text field. | ||||
CVE-2022-31303 | 1 Maccms | 1 Maccms | 2024-08-03 | 5.4 Medium |
maccms10 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Server Group text field. | ||||
CVE-2022-27885 | 1 Maccms | 1 Maccms | 2024-08-03 | 6.1 Medium |
Maccms v10 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/website/data.html via the select and input parameters. | ||||
CVE-2022-27886 | 1 Maccms | 1 Maccms | 2024-08-03 | 6.1 Medium |
Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/ulog/index.html via the wd parameter. | ||||
CVE-2022-27884 | 1 Maccms | 1 Maccms | 2024-08-03 | 6.1 Medium |
Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/plog/index.html via the wd parameter. | ||||
CVE-2022-27887 | 1 Maccms | 1 Maccms | 2024-08-03 | 6.1 Medium |
Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/vod/data.html via the repeat parameter. | ||||
CVE-2022-26573 | 1 Maccms | 1 Maccms | 2024-08-03 | 6.1 Medium |
Maccms v10 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/art/data.html via the select and input parameters. | ||||
CVE-2024-32391 | 1 Maccms | 1 Maccms | 2024-08-02 | 7.3 High |
Cross Site Scripting vulnerability in MacCMS v.10 v.2024.1000.3000 allows a remote attacker to execute arbitrary code via a crafted payload. |