Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
clippercms clippercms 1.3.3 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-41495
ClipperCMS 1.3.3 exists to contain a Server-Side Request Forgery (SSRF) via the rss_url_news parameter at /manager/index.php.
Clippercms Clippercms 1.3.3
9.8
CVSSv3
CVE-2022-41497
ClipperCMS 1.3.3 exists to contain a Server-Side Request Forgery (SSRF) via the pkg_url parameter at /manager/index.php.
Clippercms Clippercms 1.3.3
5.4
CVSSv3
CVE-2018-11572
ClipperCMS 1.3.3 has XSS in the "Module name" field in a "Modules -> Manage modules -> edit" action to the manager/ URI.
Clippercms Clippercms 1.3.3
8.8
CVSSv3
CVE-2018-11571
ClipperCMS 1.3.3 allows Session Fixation.
Clippercms Clippercms 1.3.3
8.8
CVSSv3
CVE-2018-19135
ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder file upload (enabled by default). This can be used by an malicious user to perform actions for an admin (or any user with the file upload capability). With this vulnerability, one can automatically upload files (by de...
Clippercms Clippercms 1.3.3
1 EDB exploit
4.8
CVSSv3
CVE-2018-13106
ClipperCMS 1.3.3 has stored XSS via the "Tools -> Configuration" screen of the manager/ URI.
Clippercms Clippercms 1.3.3
4.8
CVSSv3
CVE-2018-13998
ClipperCMS 1.3.3 has stored XSS via the Full Name field of (1) Security -> Manager Users or (2) Security -> Web Users.
Clippercms Clippercms 1.3.3
7.2
CVSSv3
CVE-2018-19424
ClipperCMS 1.3.3 allows remote authenticated administrators to upload .htaccess files.
Clippercms Clippercms 1.3.3
4.8
CVSSv3
CVE-2018-11332
Stored cross-site scripting (XSS) vulnerability in the "Site Name" field found in the "site" tab under configurations in ClipperCMS 1.3.3 allows remote malicious users to inject arbitrary web script or HTML via a crafted site name to the manager/processors/sav...
Clippercms Clippercms 1.3.3
1 EDB exploit
5.4
CVSSv3
CVE-2018-12101
CMS Clipper 1.3.3 has XSS in the Security tab search, User Groups, Resource Groups, and User/Resource Group Links fields.
Clippercms Clippercms 1.3.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started