Skip to main content

Clansphere

5 CVEs product

Monthly

CVE-2012-10034 HIGH POC THREAT Act Now

ClanSphere 2011.3 is vulnerable to a local file inclusion (LFI) flaw due to improper handling of the cs_lang cookie parameter. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 18.4%.

Path Traversal Clansphere
NVD Exploit-DB
CVSS 4.0
8.7
EPSS
18.4%
CVE-2022-43119 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Clansphere CMS v2011.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Clansphere
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2021-27310 MEDIUM POC This Month

Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "language" parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Clansphere
NVD GitHub
CVSS 3.1
6.1
EPSS
2.8%
CVE-2021-27309 MEDIUM POC This Month

Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "module" parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Clansphere
NVD GitHub
CVSS 3.1
6.1
EPSS
2.0%
CVE-2014-100010 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in ClanSphere 2011.4 allows remote attackers to inject arbitrary web script or HTML via the where parameter in a list action to index.php. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS PHP Clansphere
NVD
CVSS 2.0
4.3
EPSS
0.3%
EPSS 18% CVSS 8.7
HIGH POC THREAT Act Now

ClanSphere 2011.3 is vulnerable to a local file inclusion (LFI) flaw due to improper handling of the cs_lang cookie parameter. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 18.4%.

Path Traversal Clansphere
NVD Exploit-DB
EPSS 0% CVSS 6.1
MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Clansphere CMS v2011.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Clansphere
NVD GitHub
EPSS 3% CVSS 6.1
MEDIUM POC This Month

Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "language" parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Clansphere
NVD GitHub
EPSS 2% CVSS 6.1
MEDIUM POC This Month

Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "module" parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Clansphere
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in ClanSphere 2011.4 allows remote attackers to inject arbitrary web script or HTML via the where parameter in a list action to index.php. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS PHP Clansphere
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy