Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alkacon opencms vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2008-1753
Cross-site scripting (XSS) vulnerability in system/workplace/admin/workplace/sessions.jsp in Alkacon OpenCMS 7.0.3 allows remote malicious users to inject arbitrary web script or HTML via the searchfilter parameter, a different vector than CVE-2008-1510.
Alkacon Opencms 7.0.3
435
VMScore
CVE-2008-1045
Cross-site scripting (XSS) vulnerability in the file tree navigation function in system/workplace/views/explorer/tree_files.jsp in Alkacon OpenCMS 7.0.3 allows remote malicious users to inject arbitrary web script or HTML via the resource parameter.
Alkacon Opencms 7.0.3
1 EDB exploit
383
VMScore
CVE-2015-2351
Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms 9.5.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) homelink parameter to system/modules/org.opencms.workplace.help/jsptemplates/help_head.jsp, (2) workp...
Alkacon Opencms 9.5.1
NA
CVE-2023-37602
An arbitrary file upload vulnerability in the component /workplace#!explorer of Alkacon OpenCMS v15.0 allows malicious users to execute arbitrary code via uploading a crafted PNG file.
Alkacon Opencms 15.0.0
685
VMScore
CVE-2018-8811
Cross-site request forgery (CSRF) vulnerability in system/workplace/admin/accounts/user_role.jsp in OpenCMS 10.5.3 allows remote malicious users to hijack the authentication of administrative users for requests that perform privilege escalation. Note: It is argued that OpenCMS al...
Alkacon Opencms 10.5.3
1 EDB exploit
435
VMScore
CVE-2008-1510
Cross-site scripting (XSS) vulnerability in system/workplace/admin/accounts/users_list.jsp in Alkacon OpenCMS 7.0.3 allows remote malicious users to inject arbitrary web script or HTML via the (1) searchfilter or (2) listSearchFilter parameter.
Alkacon Opencms 7.0.3
1 EDB exploit
355
VMScore
CVE-2018-8815
Cross-site scripting (XSS) vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote malicious users to inject arbitrary web script or HTML via a malicious SVG image.
Alkacon Opencms 10.5.3
1 EDB exploit
NA
CVE-2023-31544
A stored cross-site scripting (XSS) vulnerability in alkacon-OpenCMS v11.0.0.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field under the Upload Image module.
Alkacon Opencms 11.0
383
VMScore
CVE-2009-4505
Multiple cross-site scripting (XSS) vulnerabilities in OpenCMS OAMP Comments Module 1.0.1 allow remote malicious users to inject arbitrary web script or HTML via the name field in a comment, and other unspecified vectors.
Alkacon Oamp Comments 1.0.1
NA
CVE-2019-132351
Alkacon OpenCMS version 10.5.x suffers from multiple cross site scripting vulnerabilities in the Apollo Template.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »