Skip to main content

Opencms Apollo Template

3 CVEs product

Monthly

CVE-2019-13237 Maven MEDIUM POC PATCH This Month

In Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple resources vulnerable to Local File Inclusion that allow an attacker to access server resources: clearhistory.jsp, convertxml.jsp,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Opencms Apollo Template
NVD GitHub Exploit-DB
CVSS 3.1
4.3
EPSS
7.3%
CVE-2019-13235 Maven MEDIUM POC PATCH This Month

In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the Login form. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Opencms Apollo Template
NVD GitHub Exploit-DB
CVSS 3.0
6.1
EPSS
2.9%
CVE-2019-13234 Maven MEDIUM POC PATCH This Month

In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the search engine. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Opencms Apollo Template
NVD GitHub Exploit-DB
CVSS 3.0
6.1
EPSS
2.9%
EPSS 7% CVSS 4.3
MEDIUM POC PATCH This Month

In Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple resources vulnerable to Local File Inclusion that allow an attacker to access server resources: clearhistory.jsp, convertxml.jsp,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Opencms Apollo Template
NVD GitHub Exploit-DB
EPSS 3% CVSS 6.1
MEDIUM POC PATCH This Month

In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the Login form. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Opencms Apollo Template
NVD GitHub Exploit-DB
EPSS 3% CVSS 6.1
MEDIUM POC PATCH This Month

In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the search engine. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Opencms Apollo Template
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy