Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
1234n minicms 1.10 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-18891
MiniCMS 1.10 allows file deletion via /mc-admin/post.php?state=delete&delete= because the authentication check occurs too late.
1234n Minicms 1.10
9.8
CVSSv3
CVE-2018-18892
MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php sitename parameter, which affects the site_name field in mc_conf.php.
1234n Minicms 1.10
6.5
CVSSv3
CVE-2019-9603
MiniCMS 1.10 allows mc-admin/post.php?state=publish&delete= CSRF to delete articles, a different vulnerability than CVE-2018-18891.
1234n Minicms 1.10
6.1
CVSSv3
CVE-2018-16298
An issue exists in MiniCMS 1.10. There is an mc-admin/post.php?tag= XSS vulnerability for a state=delete, state=draft, or state=publish request.
1234n Minicms 1.10
5.4
CVSSv3
CVE-2018-10227
MiniCMS v1.10 has XSS via the mc-admin/conf.php site_link parameter.
1234n Minicms 1.10
6.1
CVSSv3
CVE-2018-10296
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php title parameter.
1234n Minicms 1.10
9.6
CVSSv3
CVE-2021-33387
Cross Site Scripting Vulnerability in MiniCMS v.1.10 allows malicious user to execute arbitrary code via a crafted get request.
1234n Minicms 1.10
6.1
CVSSv3
CVE-2018-20520
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php query string, a related issue to CVE-2018-10296 and CVE-2018-16233.
1234n Minicms 1.10
4.8
CVSSv3
CVE-2019-13340
In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via the content box. An attacker can use it to get a user's cookie. This is different from CVE-2018-10296, CVE-2018-16233, CVE-2018-20520, and CVE-2019-13186.
1234n Minicms 1.10
6.1
CVSSv3
CVE-2018-15899
An issue exists in MiniCMS 1.10. There is a post.php?date= XSS vulnerability.
1234n Minicms 1.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2023-38506
CVE-2024-37198
CVE-2023-45197
CVE-2024-38621
CVE-2024-30103
elevation of privilege
CVE-2024-0044
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »