Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
minicms vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-13186
In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via the tags box. An attacker can use it to get a user's cookie. This is different from CVE-2018-10296, CVE-2018-16233, and CVE-2018-20520.
1234n Minicms 1.10
9.6
CVSSv3
CVE-2021-33387
Cross Site Scripting Vulnerability in MiniCMS v.1.10 allows malicious user to execute arbitrary code via a crafted get request.
1234n Minicms 1.10
6.1
CVSSv3
CVE-2018-17039
MiniCMS 1.10, when Internet Explorer is used, allows XSS via a crafted URI because $_SERVER['REQUEST_URI'] is mishandled.
1234n Minicms 1.10
5.4
CVSSv3
CVE-2021-44970
MiniCMS v1.11 exists to contain a cross-site scripting (XSS) vulnerability via /mc-admin/page-edit.php.
1234n Minicms 1.11
6.1
CVSSv3
CVE-2018-10296
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php title parameter.
1234n Minicms 1.10
8.8
CVSSv3
CVE-2018-9092
There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password.
1234n Minicms 1.10
1 EDB exploit
6.1
CVSSv3
CVE-2021-41663
A cross-site scripting (XSS) vulnerability exists in Mini CMS V1.11. The vulnerability exists in the article upload: post-edit.php page.
1234n Minicms 1.11
9.8
CVSSv3
CVE-2018-18892
MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php sitename parameter, which affects the site_name field in mc_conf.php.
1234n Minicms 1.10
6.5
CVSSv3
CVE-2019-9603
MiniCMS 1.10 allows mc-admin/post.php?state=publish&delete= CSRF to delete articles, a different vulnerability than CVE-2018-18891.
1234n Minicms 1.10
NA
CVE-2024-31741
Cross Site Scripting vulnerability in MiniCMS v.1.11 allows a remote malicious user to run arbitrary code via crafted string in the URL after login.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3