Skip to main content

Tematres

3 CVEs product

Monthly

CVE-2019-14344 MEDIUM PATCH This Month

TemaTres 3.0 has reflected XSS via the replace_string or search_string parameter to the vocab/admin.php?doAdmin=bulkReplace URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Tematres
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2019-14345 CRITICAL PATCH Act Now

TemaTres 3.0 allows remote unprivileged users to create an administrator account. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Tematres
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2019-14343 MEDIUM POC PATCH This Month

TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin.php?vocabulario_id=list URI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS PHP Tematres
NVD GitHub
CVSS 3.1
5.4
EPSS
0.9%
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

TemaTres 3.0 has reflected XSS via the replace_string or search_string parameter to the vocab/admin.php?doAdmin=bulkReplace URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Tematres
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

TemaTres 3.0 allows remote unprivileged users to create an administrator account. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Tematres
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin.php?vocabulario_id=list URI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS PHP Tematres
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy