Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor 1234n Subscribe
Total 27 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-10227 1 1234n 1 Minicms 2018-10-30 3.5 LOW 5.4 MEDIUM
MiniCMS v1.10 has XSS via the mc-admin/conf.php site_link parameter.
CVE-2018-10296 1 1234n 1 Minicms 2018-10-30 4.3 MEDIUM 6.1 MEDIUM
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php title parameter.
CVE-2018-10423 1 1234n 1 Minicms 2018-10-30 4.0 MEDIUM 2.7 LOW
mc-admin/post.php in MiniCMS 1.10 allows remote attackers to obtain a directory listing of the top-level directory of the web root via a link that becomes available after posting an article.
CVE-2018-10424 1 1234n 1 Minicms 2018-10-30 4.0 MEDIUM 2.7 LOW
mc-admin/post-edit.php in MiniCMS 1.10 allows full path disclosure via a modified id field.
CVE-2018-15899 1 1234n 1 Minicms 2018-10-30 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS vulnerability.
CVE-2018-16233 1 1234n 1 Minicms 2018-10-30 4.3 MEDIUM 6.1 MEDIUM
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter.
CVE-2018-1000638 1 1234n 1 Minicms 2018-10-30 4.3 MEDIUM 6.1 MEDIUM
MiniCMS version 1.1 contains a Cross Site Scripting (XSS) vulnerability in http://example.org/mc-admin/page.php?date={payload} that can result in code injection.