Skip to main content

Kasseler Cms

3 CVEs product

Monthly

CVE-2013-3729 MEDIUM POC PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler CMS before 2 r1232 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF PHP SQLi Kasseler Cms
NVD Exploit-DB VulDB
CVSS 2.0
6.8
EPSS
2.4%
CVE-2013-3728 LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in Kasseler CMS before 2 r1232 allows remote authenticated users with permissions to create categories to inject arbitrary web script or HTML via the cat. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

XSS PHP Kasseler Cms
NVD Exploit-DB VulDB
CVSS 2.0
3.5
EPSS
0.9%
CVE-2013-3727 HIGH POC This Week

SQL injection vulnerability in Kasseler CMS before 2 r1232 allows remote authenticated users to execute arbitrary SQL commands via the groups[] parameter to admin.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP SQLi Kasseler Cms
NVD Exploit-DB VulDB
CVSS 2.0
7.5
EPSS
1.2%
EPSS 2% CVSS 6.8
MEDIUM POC PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler CMS before 2 r1232 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF PHP SQLi +1
NVD Exploit-DB VulDB
EPSS 1% CVSS 3.5
LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in Kasseler CMS before 2 r1232 allows remote authenticated users with permissions to create categories to inject arbitrary web script or HTML via the cat. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

XSS PHP Kasseler Cms
NVD Exploit-DB VulDB
EPSS 1% CVSS 7.5
HIGH POC This Week

SQL injection vulnerability in Kasseler CMS before 2 r1232 allows remote authenticated users to execute arbitrary SQL commands via the groups[] parameter to admin.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP SQLi +1
NVD Exploit-DB VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy