Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
maccms vulnerabilities and exploits
(subscribe to this query)
436
VMScore
CVE-2020-20514
A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/<id>.html allows authenticated malicious users to delete all users.
Maccms Maccms 10.0
383
VMScore
CVE-2020-21082
A cross-site scripting (XSS) vulnerability in the background administrator article management module of Maccms 8.0 allows malicious users to steal administrator and user cookies via crafted payloads in the text fields for Chinese and English names.
Maccms Maccms 8.0
NA
CVE-2022-47872
A Server-Side Request Forgery (SSRF) in maccms10 v2021.1000.2000 allows malicious users to force the application to make arbitrary requests via a crafted payload injected into the Name parameter under the Interface address module.
Maccms Maccms 10.0
1 Github repository
383
VMScore
CVE-2022-27884
Maccms v10 exists to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/plog/index.html via the wd parameter.
Maccms Maccms 10.0
383
VMScore
CVE-2022-27885
Maccms v10 exists to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/website/data.html via the select and input parameters.
Maccms Maccms 10.0
383
VMScore
CVE-2022-27886
Maccms v10 exists to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/ulog/index.html via the wd parameter.
Maccms Maccms 10.0
383
VMScore
CVE-2022-27887
Maccms v10 exists to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/vod/data.html via the repeat parameter.
Maccms Maccms 10.0
NA
CVE-2024-32391
Cross Site Scripting vulnerability in MacCMS v.10 v.2024.1000.3000 allows a remote malicious user to execute arbitrary code via a crafted payload.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3