Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wolfcms wolf cms vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-1000084
WOlfCMS WolfCMS version version 0.8.3.1 contains a Stored Cross-Site Scripting vulnerability in Layout Name (from Layout tab) that can result in low privilege user can steal the cookie of admin user and compromise the admin account. This attack appear to be exploitable via Need t...
Wolfcms Wolf Cms 0.8.3.1
3.5
CVSSv2
CVE-2018-1000087
WolfCMS version version 0.8.3.1 contains a Reflected Cross Site Scripting vulnerability in "Create New File" and "Create New Directory" input box from 'files' Tab that can result in Session Hijacking, Spread Worms,Control the browser remotely. . This...
Wolfcms Wolf Cms 0.8.3.1
3.5
CVSSv2
CVE-2018-6890
Cross-site scripting (XSS) vulnerability in Wolf CMS 0.8.3.1 via the page editing feature, as demonstrated by /?/admin/page/edit/3.
Wolfcms Wolf Cms 0.8.3.1
1 Github repository
4.3
CVSSv2
CVE-2019-10646
Wolf CMS v0.8.3.1 is affected by cross site scripting (XSS) in the module Add Snippet (/?/admin/snippet/add). This allows an malicious user to insert arbitrary JavaScript as user input, which will be executed whenever the affected snippet is loaded.
Wolfcms Wolf Cms 0.8.3.1
3.5
CVSSv2
CVE-2018-18824
WolfCMS v0.8.3.1 allows XSS via an SVG file to /?/admin/plugin/file_manager/browse/.
Wolfcms Wolf Cms 0.8.3.1
3.5
CVSSv2
CVE-2018-18823
WolfCMS 0.8.3.1 allows XSS via an SVG file to /?/admin/plugin/file_manager/browse/.
Wolfcms Wolf Cms 0.8.3.1
4.3
CVSSv2
CVE-2012-1898
Multiple cross-site scripting (XSS) vulnerabilities in wolfcms/admin/user/add in Wolf CMS 0.75 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) user[name], (2) user[email], or (3) user[username] parameters.
Ivano Binetti Wolf Cms
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2