Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
maccms vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-21386
A Cross-Site Request Forgery (CSRF) in the component admin.php/admin/type/info.html of Maccms 10 allows malicious users to gain administrator privileges.
Maccms Maccms 10.0
8.8
CVSSv3
CVE-2018-12114
Maccms 10 allows CSRF via admin.php/admin/admin/info.html to add user accounts.
Maccms Maccms 10.0
1 EDB exploit
6.1
CVSSv3
CVE-2020-21387
A cross-site scripting (XSS) vulnerability in the parameter type_en of Maccms 10 allows malicious users to obtain the administrator cookie and escalate privileges via a crafted payload.
Maccms Maccms 10.0
6.1
CVSSv3
CVE-2022-26573
Maccms v10 exists to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/art/data.html via the select and input parameters.
Maccms Maccms 10.0
6.1
CVSSv3
CVE-2021-43707
Cross Site Scripting (XSS) vulnerability exists in Maccms v10 via link_Name parameter.
Maccms Maccms 10.0
8.8
CVSSv3
CVE-2019-9829
Maccms 10 allows remote malicious users to execute arbitrary PHP code by entering this code in a template/default_pc/html/art Edit action. This occurs because template rendering uses an include operation on a cache file, which bypasses the prohibition of .php files as templates.
Maccms Maccms 10.0
8.8
CVSSv3
CVE-2022-47872
A Server-Side Request Forgery (SSRF) in maccms10 v2021.1000.2000 allows malicious users to force the application to make arbitrary requests via a crafted payload injected into the Name parameter under the Interface address module.
Maccms Maccms 10.0
1 Github repository
NA
CVE-2024-32391
Cross Site Scripting vulnerability in MacCMS v.10 v.2024.1000.3000 allows a remote malicious user to execute arbitrary code via a crafted payload.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3