Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
composr vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2020-8789
Composr 10.0.30 allows Persistent XSS via a Usergroup name under the Security configuration.
Composr Project Composr
6.5
CVSSv2
CVE-2021-46360
Authenticated remote code execution (RCE) in Composr-CMS 10.0.39 and previous versions allows remote malicious users to execute arbitrary code via uploading a PHP shell through /adminzone/index.php?page=admin-commandr.
Ocproducts Composr
1 Github repository
7.5
CVSSv2
CVE-2021-30149
Composr 10.0.36 allows upload and execution of PHP files.
Ocproducts Composr 10.0.36
4.3
CVSSv2
CVE-2021-30150
Composr 10.0.36 allows XSS in an XML script.
Ocproducts Composr 10.0.36
3.5
CVSSv2
CVE-2021-38708
In ocProducts Composr CMS prior to 10.0.38, an attacker can inject JavaScript via Comcode for XSS.
Compo Composr Cms
4.3
CVSSv2
CVE-2021-38709
In ocProducts Composr CMS prior to 10.0.38, an attacker can inject JavaScript via the staff_messaging messaging system for XSS.
Compo Composr Cms
3.5
CVSSv2
CVE-2018-6518
Composr CMS 10.0.13 has XSS via the site_name parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php.
Compo Composr Cms 10.0.13
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started