Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
maccms maccms vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2022-27885
Maccms v10 exists to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/website/data.html via the select and input parameters.
Maccms Maccms 10.0
383
VMScore
CVE-2022-27887
Maccms v10 exists to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/vod/data.html via the repeat parameter.
Maccms Maccms 10.0
NA
CVE-2022-44870
A reflected cross-site scripting (XSS) vulnerability in maccms10 v2022.1000.3032 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the AD Management module.
Maccms Maccms 10.0
2 Github repositories
383
VMScore
CVE-2022-26573
Maccms v10 exists to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/art/data.html via the select and input parameters.
Maccms Maccms 10.0
312
VMScore
CVE-2021-45787
There is a stored Cross Site Scripting (XSS) vulnerability in maccms v10 through adding videos. XSS code can be inserted at parameter positions including name and remarks.
Maccms Maccms 10.0
668
VMScore
CVE-2020-21359
An arbitrary file upload vulnerability in the Template Upload function of Maccms10 allows attackers bypass the suffix whitelist verification to execute arbitrary code via adding a character to the end of the uploaded file's name.
Maccms Maccms 10.0
578
VMScore
CVE-2019-9829
Maccms 10 allows remote malicious users to execute arbitrary PHP code by entering this code in a template/default_pc/html/art Edit action. This occurs because template rendering uses an include operation on a cache file, which bypasses the prohibition of .php files as templates.
Maccms Maccms 10.0
NA
CVE-2024-32391
Cross Site Scripting vulnerability in MacCMS v.10 v.2024.1000.3000 allows a remote malicious user to execute arbitrary code via a crafted payload.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3