Skip to main content

No Cms

4 CVEs product

Monthly

CVE-2018-25431 HIGH POC This Week

No-Cms 1.0 contains an SQL injection vulnerability in the order_by parameter of the manage_privilege export endpoint that allows authenticated attackers to manipulate database queries. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi No Cms
NVD Exploit-DB GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2018-19902 MEDIUM POC This Month

No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article "keyword" parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS No Cms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-19901 MEDIUM POC This Month

No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article/index/ "article_title" parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS No Cms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-18868 MEDIUM POC This Month

No-CMS 1.1.3 is prone to Persistent XSS via a contact_us name parameter, as demonstrated by the VG48Z5PqVWname parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS No Cms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
EPSS 0% CVSS 7.1
HIGH POC This Week

No-Cms 1.0 contains an SQL injection vulnerability in the order_by parameter of the manage_privilege export endpoint that allows authenticated attackers to manipulate database queries. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi No Cms
NVD Exploit-DB GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article "keyword" parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS No Cms
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article/index/ "article_title" parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS No Cms
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

No-CMS 1.1.3 is prone to Persistent XSS via a contact_us name parameter, as demonstrated by the VG48Z5PqVWname parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS No Cms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy