Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ofcms project ofcms vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-27960
Insecure permissions configured in the user_id parameter at SysUserController.java of OFCMS v1.1.4 allows malicious users to access and arbitrarily modify users' personal information.
Ofcms Project Ofcms 1.1.4
5.4
CVSSv3
CVE-2022-27961
A cross-site scripting (XSS) vulnerability at /ofcms/company-c-47 in OFCMS v1.1.4 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment text box.
Ofcms Project Ofcms 1.1.4
5.4
CVSSv3
CVE-2023-51807
Cross Site Scripting vulnerability in OFCMS v.1.14 allows a remote malicious user to obtain sensitive information via a crafted payload to the title addition component.
Ofcms Project Ofcms 1.1.4
8.8
CVSSv3
CVE-2023-24760
An issue found in Ofcms v.1.1.4 allows a remote malicious user to to escalate privileges via the respwd method in SysUserController.
Ofcms Project Ofcms 1.1.4
6.1
CVSSv3
CVE-2022-29653
OFCMS v1.1.4 exists to contain a cross-site scripting (XSS) vulnerability via the component /admin/comn/service/update.json.
Ofcms Project Ofcms 1.1.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2