Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown
CVE-2018-14958
Disclosure Date: August 05, 2018 (last updated November 27, 2024)
An issue was discovered in WeaselCMS v0.3.5. CSRF can update the website settings (such as the theme, title, and description) via index.php.
0
Attacker Value
Unknown
CVE-2018-14959
Disclosure Date: August 05, 2018 (last updated November 27, 2024)
An issue was discovered in WeaselCMS v0.3.5. CSRF can create new pages via an index.php?b=pages&a=new URI.
0
Attacker Value
Unknown
CVE-2018-14877
Disclosure Date: August 03, 2018 (last updated November 27, 2024)
An issue was discovered in WeaselCMS v0.3.5. XSS exists via Site Language, Site Title, Site Description, and Site Keywords on the SETTINGS page.
0
