Filtered by vendor Waimai Super Cms Project
Subscriptions
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-21506 | 1 Waimai Super Cms Project | 1 Waimai Super Cms | 2024-11-21 | 6.1 Medium |
waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php?m=Config&a=add. | ||||
CVE-2020-21505 | 1 Waimai Super Cms Project | 1 Waimai Super Cms | 2024-11-21 | 6.1 Medium |
waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php/Link/addsave. | ||||
CVE-2020-21504 | 1 Waimai Super Cms Project | 1 Waimai Super Cms | 2024-11-21 | 6.1 Medium |
waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php?&m=Public&a=login. | ||||
CVE-2020-21503 | 1 Waimai Super Cms Project | 1 Waimai Super Cms | 2024-11-21 | 7.5 High |
waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=gift&a=addsave credit parameter to -1, the product is sold for free. |
Page 1 of 1.