Show filters
13 Total Results
Displaying 11-13 of 13
Sort by:
Attacker Value
Unknown

CVE-2019-8432

Disclosure Date: February 18, 2019 (last updated November 27, 2024)
In CmsEasy 7.0, there is XSS via the ckplayer.php url parameter.
0
0
Attacker Value
Unknown

CVE-2018-11680

Disclosure Date: June 02, 2018 (last updated November 26, 2024)
An issue was discovered in CmsEasy 6.1_20180508. There is a CSRF vulnerability in the rich text editor that can add an IFRAME element. This might be used in a DoS attack if a referenced remote URL is refreshed at a rapid rate.
0
0
Attacker Value
Unknown

CVE-2018-11679

Disclosure Date: June 02, 2018 (last updated November 26, 2024)
An issue was discovered in CmsEasy 6.1_20180508. There is a CSRF vulnerability that can add an article via /index.php?case=table&act=add&table=archive&admin_dir=admin.
0
0
View More Topics  < Previous