Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
1234n minicms 1.10 vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2018-10423
mc-admin/post.php in MiniCMS 1.10 allows remote malicious users to obtain a directory listing of the top-level directory of the web root via a link that becomes available after posting an article.
1234n Minicms 1.10
356
VMScore
CVE-2018-10424
mc-admin/post-edit.php in MiniCMS 1.10 allows full path disclosure via a modified id field.
1234n Minicms 1.10
312
VMScore
CVE-2018-10227
MiniCMS v1.10 has XSS via the mc-admin/conf.php site_link parameter.
1234n Minicms 1.10
383
VMScore
CVE-2019-13186
In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via the tags box. An attacker can use it to get a user's cookie. This is different from CVE-2018-10296, CVE-2018-16233, and CVE-2018-20520.
1234n Minicms 1.10
383
VMScore
CVE-2018-16298
An issue exists in MiniCMS 1.10. There is an mc-admin/post.php?tag= XSS vulnerability for a state=delete, state=draft, or state=publish request.
1234n Minicms 1.10
312
VMScore
CVE-2019-13339
In MiniCMS V1.10, stored XSS was found in mc-admin/page-edit.php (content box), which can be used to get a user's cookie.
1234n Minicms 1.10
312
VMScore
CVE-2019-13340
In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via the content box. An attacker can use it to get a user's cookie. This is different from CVE-2018-10296, CVE-2018-16233, CVE-2018-20520, and CVE-2019-13186.
1234n Minicms 1.10
312
VMScore
CVE-2019-13341
In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php (comment box), which can be used to get a user's cookie.
1234n Minicms 1.10
383
VMScore
CVE-2018-16233
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter.
1234n Minicms 1.10
383
VMScore
CVE-2018-15899
An issue exists in MiniCMS 1.10. There is a post.php?date= XSS vulnerability.
1234n Minicms 1.10
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »