Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
maccms vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-21081
A cross-site request forgery (CSRF) in Maccms 8.0 causes administrators to add and modify articles without their knowledge via clicking on a crafted URL.
Maccms Maccms 8.0
383
VMScore
CVE-2020-21082
A cross-site scripting (XSS) vulnerability in the background administrator article management module of Maccms 8.0 allows malicious users to steal administrator and user cookies via crafted payloads in the text fields for Chinese and English names.
Maccms Maccms 8.0
668
VMScore
CVE-2020-21359
An arbitrary file upload vulnerability in the Template Upload function of Maccms10 allows attackers bypass the suffix whitelist verification to execute arbitrary code via adding a character to the end of the uploaded file's name.
Maccms Maccms 10.0
312
VMScore
CVE-2020-21362
A cross site scripting (XSS) vulnerability in the background search function of Maccms10 allows malicious users to execute arbitrary web scripts or HTML via the 'wd' parameter.
Maccms Maccms 10.0
605
VMScore
CVE-2020-21386
A Cross-Site Request Forgery (CSRF) in the component admin.php/admin/type/info.html of Maccms 10 allows malicious users to gain administrator privileges.
Maccms Maccms 10.0
383
VMScore
CVE-2020-21387
A cross-site scripting (XSS) vulnerability in the parameter type_en of Maccms 10 allows malicious users to obtain the administrator cookie and escalate privileges via a crafted payload.
Maccms Maccms 10.0
383
VMScore
CVE-2022-27885
Maccms v10 exists to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/website/data.html via the select and input parameters.
Maccms Maccms 10.0
383
VMScore
CVE-2022-27884
Maccms v10 exists to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/plog/index.html via the wd parameter.
Maccms Maccms 10.0
383
VMScore
CVE-2022-27886
Maccms v10 exists to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/ulog/index.html via the wd parameter.
Maccms Maccms 10.0
383
VMScore
CVE-2022-27887
Maccms v10 exists to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/vod/data.html via the repeat parameter.
Maccms Maccms 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »