CVE-2021-41559

Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array() that enables a remote attack via a crafted XML document.

CVE-2020-19896

File inclusion vulnerability in Minicms v1.9 allows remote attackers to execute arbitrary PHP code via post-edit.php.

CVE-2020-19897

A reflected Cross Site Scripting (XSS) in wuzhicms v4.1.0 allows remote attackers to execute arbitrary web script or HTML via the imgurl parameter.

CVE-2022-29858

Silverstripe silverstripe/assets through 1.10 allows XSS.

CVE-2022-25238

Silverstripe silverstripe/framework through 4.10.0 allows XSS, inside of script tags that can be added to website content via XHR by an authenticated CMS user if the cwp-core module is not install ...

CVE-2022-31886

Marval MSM v14.19.0.12476 is vulnerable to Cross Site Request Forgery (CSRF). An attacker can disable the 2FA by sending the user a malicious form.

CVE-2022-31883

Marval MSM v14.19.0.12476 has an Insecure Direct Object Reference (IDOR) vulnerability. A low privilege user is able to see other users' API Keys including the Admins' API Keys.

CVE-2022-2246

Prototype Pollution in GitHub repository clever/underscore.deep prior to 0.5.3.