Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

cms — Vulnerabilities & Security Advisories 219

All 219 CVE vulnerabilities found in cms, with AI-generated Chinese analysis, references, and POCs.

Vendor: Mambo

CVE IDTitleCVSSSeverityPublished
CVE-2023-3789 PaulPrinting CMS Search delivery cross site scripting CWE-79 3.5 Low2023-07-20
CVE-2023-3785 PaulPrinting CMS cross site scripting CWE-79 3.5 Low2023-07-20
CVE-2023-36828 Statamic's Antlers sanitizer cannot effectively sanitize malicious SVG CWE-79 5.5 Medium2023-07-05
CVE-2023-33195 Craft CMS XSS in RSS widget feed CWE-79 5.0 Medium2023-05-27
CVE-2023-33194 CraftCMS stored XSS in Quick Post widget error message CWE-80 3.7 Low2023-05-26
CVE-2023-33196 Craft CMS stored XSS in review volume CWE-80 5.5 Medium2023-05-26
CVE-2023-33197 Craft CMS stored XSS in indexedVolumes CWE-80 5.5 Medium2023-05-26
CVE-2023-2862 SiteServer CMS search cross site scripting CWE-79 3.5 Low2023-05-24
CVE-2023-32679 Remote Code Execution via unrestricted file extension in Craft CMS CWE-74 7.2 High2023-05-19
CVE-2023-31144 Craft CMS vulnerable to cross site scripting in RSS feed widget CWE-79 6.1 Medium2023-05-09
CVE-2023-1680 Xunrui CMS main.html information disclosure CWE-200 4.3 Medium2023-03-29
CVE-2023-1683 Xunrui CMS system_log.html information disclosure CWE-200 4.3 Medium2023-03-29
CVE-2023-1682 Xunrui CMS Install.txt direct request CWE-425 4.3 Medium2023-03-28
CVE-2023-1681 Xunrui CMS test.php information disclosure CWE-200 4.3 Medium2023-03-28
CVE-2023-1484 xzjie cms upload unrestricted upload CWE-434 6.3 Medium2023-03-18
CVE-2023-23927 Craft CMS stored cross-site scripting vulnerability CWE-79 6.1 Medium2023-03-03
CVE-2022-4006 WBCE CMS Header class.login.php increase_attempts excessive authentication CWE-400 3.7 Low2022-11-15
CVE-2022-3975 NukeViet CMS Data URL Request.php filterAttr cross site scripting CWE-707 3.5 Low2022-11-13
CVE-2022-3943 ForU CMS cms_chip.php cross site scripting CWE-707 3.5 Low2022-11-11
CVE-2022-3770 Yunjing CMS upload_img.html unrestricted upload CWE-266 6.3 Medium2022-10-31
CVE-2022-3771 easyii CMS File Upload Management Upload.php file unrestricted upload CWE-266 6.3 Medium2022-10-31
CVE-2017-20064 Elefant CMS layout code injection CWE-94 6.3 Medium2022-06-20
CVE-2017-20063 Elefant CMS File Upload drop privileges management CWE-269 6.3 Medium2022-06-20
CVE-2017-20062 Elefant CMS cross-site request forgery CWE-352 5.0 Medium2022-06-20
CVE-2017-20061 Elefant CMS extended Reflected cross site scriting CWE-80 4.3 Medium2022-06-20
CVE-2017-20060 Elefant CMS Blog Post Persistent cross site scriting CWE-80 3.5 Low2022-06-20
CVE-2017-20059 Elefant CMS Title Persistent cross site scriting CWE-80 3.5 Low2022-06-20
CVE-2017-20058 Elefant CMS Version Comparison Persistent cross site scriting CWE-80 4.3 Medium2022-06-20
CVE-2017-20057 Elefant CMS Persistent cross site scriting CWE-80 4.3 Medium2022-06-20
CVE-2020-36544 SialWeb CMS Search cross site scriting CWE-80 3.5 Low2022-06-04

All 219 known CVE vulnerabilities affecting cms with full Chinese analysis, references, and POCs where available.