Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
5none nonecms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-18282
Cross-site scripting (XSS) vulnerability in NoneCms 1.3.0 allows remote malicious users to inject arbitrary web script or HTML via feedback feature.
5none Nonecms 1.3.0
5
CVSSv2
CVE-2020-18646
Information Disclosure in NoneCMS v1.3 allows remote malicious users to obtain sensitive information via the component "/public/index.php".
5none Nonecms 1.3.0
5
CVSSv2
CVE-2020-18647
Information Disclosure in NoneCMS v1.3 allows remote malicious users to obtain sensitive information via the component "/nonecms/vendor".
5none Nonecms 1.3.0
4.3
CVSSv2
CVE-2020-23371
Cross-site scripting (XSS) vulnerability in static/admin/js/kindeditor/plugins/multiimage/images/swfupload.swf in noneCms v1.3.0 allows remote malicious users to inject arbitrary web script or HTML via the movieName parameter.
5none Nonecms 1.3.0
3.5
CVSSv2
CVE-2020-23373
Cross-site scripting (XSS) vulnerability in admin/nav/add.html in noneCMS v1.3.0 allows remote authenticated malicious users to inject arbitrary web script or HTML via the name parameter.
5none Nonecms 1.3.0
3.5
CVSSv2
CVE-2020-23374
Cross-site scripting (XSS) vulnerability in admin/article/add.html in noneCMS v1.3.0 allows remote authenticated malicious users to inject arbitrary web script or HTML via the name parameter.
5none Nonecms 1.3.0
4.3
CVSSv2
CVE-2020-23376
NoneCMS v1.3 has a CSRF vulnerability in public/index.php/admin/nav/add.html, as demonstrated by adding a navigation column which can be injected with arbitrary web script or HTML via the name parameter to launch a stored XSS attack.
5none Nonecms 1.3.0
5.8
CVSSv2
CVE-2019-16721
NoneCMS v1.3 has CSRF in public/index.php/admin/admin/dele.html, as demonstrated by deleting the admin user.
5none Nonecms 1.3.0
7.5
CVSSv2
CVE-2018-20062
An issue exists in NoneCms V1.3. thinkphp/library/think/App.php allows remote malicious users to execute arbitrary PHP code via crafted use of the filter parameter, as demonstrated by the s=index/\think\Request/input&filter=phpinfo&data=1 query string.
5none Nonecms 1.3.0
4 Github repositories
6.8
CVSSv2
CVE-2018-7219
application/admin/controller/Admin.php in NoneCms 1.3.0 has CSRF, as demonstrated by changing an admin password or adding an account via a public/index.php/admin/admin/edit.html request.
5none Nonecms 1.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »