Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blackcat-cms blackcat cms vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2017-14049
In BlackCat CMS 1.2, backend/settings/ajax_save_settings.php allows remote authenticated users to conduct XSS attacks via the Website header or Website footer field.
Blackcat-cms Blackcat Cms 1.2
6.5
CVSSv2
CVE-2017-14050
In BlackCat CMS 1.2, backend/addons/install.php allows remote authenticated users to execute arbitrary PHP code via a ZIP archive that contains a .php file.
Blackcat-cms Blackcat Cms 1.2
3.5
CVSSv2
CVE-2018-16635
Blackcat CMS 1.3.2 allows XSS via the willkommen.php?lang=DE page title at backend/pages/modify.php.
Blackcat-cms Blackcat Cms 1.3.2
4
CVSSv2
CVE-2017-13670
In BlackCat CMS 1.2, remote authenticated users can upload any file via the media upload function in backend/media/ajax_upload.php, as demonstrated by a ZIP archive that contains a .php file.
Blackcat-cms Blackcat Cms 1.2
3.5
CVSSv2
CVE-2021-27237
The admin panel in BlackCat CMS 1.3.6 allows stored XSS (by an admin) via the Display Name field to backend/preferences/ajax_save.php.
Blackcat-cms Blackcat Cms 1.3.6
3.5
CVSSv2
CVE-2020-25877
A stored cross site scripting (XSS) vulnerability in the 'Add Page' feature of BlackCat CMS 1.3.6 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Title' parameter.
Blackcat-cms Blackcat Cms 1.3.6
3.5
CVSSv2
CVE-2020-25878
A stored cross site scripting (XSS) vulnerability in the 'Admin-Tools' feature of BlackCat CMS 1.3.6 allows authenticated malicious users to execute arbitrary web scripts or HTML via crafted payloads entered into the 'Output Filters' and 'Droplets' m...
Blackcat-cms Blackcat Cms 1.3.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2