Skip to main content

Gleez Cms

5 CVEs product

Monthly

CVE-2018-16703 MEDIUM This Month

A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker to perform multiple user enumerations, which can further help an attacker to perform login attempts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gleez Cms
NVD GitHub
CVSS 3.0
5.3
EPSS
1.5%
CVE-2018-16347 PHP MEDIUM POC This Month

An issue was discovered in Gleez CMS v1.2.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Gleez Cms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-15845 PHP HIGH POC This Week

There is a CSRF vulnerability that can add an administrator account in Gleez CMS 1.2.0 via admin/users/add. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Gleez Cms
NVD GitHub Exploit-DB
CVSS 3.0
8.8
EPSS
2.3%
CVE-2018-13340 HIGH POC This Week

Gleez CMS 1.2.0 has CSRF, as demonstrated by a /page/add request. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Gleez Cms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-7035 PHP MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Gleez CMS 1.2.0 and 2.0 might allow remote attackers (users) to inject JavaScript via HTML content in an editor, which will result in Stored XSS when an. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Gleez Cms
NVD GitHub
CVSS 3.0
5.4
EPSS
1.0%
EPSS 2% CVSS 5.3
MEDIUM This Month

A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker to perform multiple user enumerations, which can further help an attacker to perform login attempts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gleez Cms
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

An issue was discovered in Gleez CMS v1.2.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Gleez Cms
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

There is a CSRF vulnerability that can add an administrator account in Gleez CMS 1.2.0 via admin/users/add. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Gleez Cms
NVD GitHub Exploit-DB
EPSS 1% CVSS 8.8
HIGH POC This Week

Gleez CMS 1.2.0 has CSRF, as demonstrated by a /page/add request. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Gleez Cms
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Gleez CMS 1.2.0 and 2.0 might allow remote attackers (users) to inject JavaScript via HTML content in an editor, which will result in Stored XSS when an. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Gleez Cms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy