Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2020-18406

Disclosure Date: June 27, 2023 (last updated October 08, 2023)
An issue was discovered in cmseasy v7.0.0 that allows user credentials to be sent in clear text due to no encryption of form data.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-8434

Disclosure Date: February 18, 2019 (last updated November 27, 2024)
In CmsEasy 7.0, there is XSS via the ckplayer.php autoplay parameter.
0
0
Attacker Value
Unknown

CVE-2019-8432

Disclosure Date: February 18, 2019 (last updated November 27, 2024)
In CmsEasy 7.0, there is XSS via the ckplayer.php url parameter.
0
0