Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
minicms vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2012-5231
miniCMS 1.0 and 2.0 allows remote malicious users to execute arbitrary PHP code via a crafted (1) pagename or (2) area variable containing an executable extension, which is not properly handled by (a) update.php when writing files to content/, or (b) updatenews.php when writing f...
Jessgramp Minicms 1.0
Jessgramp Minicms 2.0
1 EDB exploit
356
VMScore
CVE-2018-10423
mc-admin/post.php in MiniCMS 1.10 allows remote malicious users to obtain a directory listing of the top-level directory of the web root via a link that becomes available after posting an article.
1234n Minicms 1.10
NA
CVE-2023-46378
Stored Cross Site Scripting (XSS) vulnerability in MiniCMS 1.1.1 allows malicious users to run arbitrary code via crafted string appended to /mc-admin/conf.php.
1234n Minicms 1.11
356
VMScore
CVE-2018-10424
mc-admin/post-edit.php in MiniCMS 1.10 allows full path disclosure via a modified id field.
1234n Minicms 1.10
312
VMScore
CVE-2018-10227
MiniCMS v1.10 has XSS via the mc-admin/conf.php site_link parameter.
1234n Minicms 1.10
383
VMScore
CVE-2019-13186
In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via the tags box. An attacker can use it to get a user's cookie. This is different from CVE-2018-10296, CVE-2018-16233, and CVE-2018-20520.
1234n Minicms 1.10
383
VMScore
CVE-2018-16298
An issue exists in MiniCMS 1.10. There is an mc-admin/post.php?tag= XSS vulnerability for a state=delete, state=draft, or state=publish request.
1234n Minicms 1.10
312
VMScore
CVE-2019-13339
In MiniCMS V1.10, stored XSS was found in mc-admin/page-edit.php (content box), which can be used to get a user's cookie.
1234n Minicms 1.10
312
VMScore
CVE-2019-13340
In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via the content box. An attacker can use it to get a user's cookie. This is different from CVE-2018-10296, CVE-2018-16233, CVE-2018-20520, and CVE-2019-13186.
1234n Minicms 1.10
312
VMScore
CVE-2019-13341
In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php (comment box), which can be used to get a user's cookie.
1234n Minicms 1.10
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »