Skip to main content

Oecms

2 CVEs product

Monthly

CVE-2019-1010112 HIGH POC This Week

OECMS v4.3.R60321 and v4.3 later is affected by: Cross Site Request Forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Oecms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-12095 MEDIUM POC This Month

A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Oecms
NVD Exploit-DB
CVSS 3.0
5.4
EPSS
5.6%
EPSS 1% CVSS 8.8
HIGH POC This Week

OECMS v4.3.R60321 and v4.3 later is affected by: Cross Site Request Forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Oecms
NVD GitHub
EPSS 6% CVSS 5.4
MEDIUM POC This Month

A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Oecms
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy