Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
composr vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-8789
Composr 10.0.30 allows Persistent XSS via a Usergroup name under the Security configuration.
Composr Project Composr
8.8
CVSSv3
CVE-2021-46360
Authenticated remote code execution (RCE) in Composr-CMS 10.0.39 and previous versions allows remote malicious users to execute arbitrary code via uploading a PHP shell through /adminzone/index.php?page=admin-commandr.
Ocproducts Composr
1 Github repository
5.4
CVSSv3
CVE-2021-38708
In ocProducts Composr CMS prior to 10.0.38, an attacker can inject JavaScript via Comcode for XSS.
Compo Composr Cms
6.1
CVSSv3
CVE-2021-38709
In ocProducts Composr CMS prior to 10.0.38, an attacker can inject JavaScript via the staff_messaging messaging system for XSS.
Compo Composr Cms
6.1
CVSSv3
CVE-2021-30150
Composr 10.0.36 allows XSS in an XML script.
Ocproducts Composr 10.0.36
9.8
CVSSv3
CVE-2021-30149
Composr 10.0.36 allows upload and execution of PHP files.
Ocproducts Composr 10.0.36
4.8
CVSSv3
CVE-2018-6518
Composr CMS 10.0.13 has XSS via the site_name parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php.
Compo Composr Cms 10.0.13
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started