Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
minicms vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-16233
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter.
1234n Minicms 1.10
685
VMScore
CVE-2018-9092
There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password.
1234n Minicms 1.10
1 EDB exploit
668
VMScore
CVE-2020-19896
File inclusion vulnerability in Minicms v1.9 allows remote malicious users to execute arbitary PHP code via post-edit.php.
1234n Minicms 1.9
383
VMScore
CVE-2020-17999
Cross Site Scripting (XSS) in MiniCMS v1.10 allows remote malicious users to execute arbitrary code by injecting commands via a crafted HTTP request to the component "/mc-admin/post-edit.php".
1234n Minicms 1.10
383
VMScore
CVE-2018-10296
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php title parameter.
1234n Minicms 1.10
445
VMScore
CVE-2018-18890
MiniCMS 1.10 allows full path disclosure via /mc-admin/post.php?state=delete&delete= with an invalid filename.
1234n Minicms 1.10
570
VMScore
CVE-2018-18891
MiniCMS 1.10 allows file deletion via /mc-admin/post.php?state=delete&delete= because the authentication check occurs too late.
1234n Minicms 1.10
668
VMScore
CVE-2018-18892
MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php sitename parameter, which affects the site_name field in mc_conf.php.
1234n Minicms 1.10
NA
CVE-2023-46378
Stored Cross Site Scripting (XSS) vulnerability in MiniCMS 1.1.1 allows malicious users to run arbitrary code via crafted string appended to /mc-admin/conf.php.
1234n Minicms 1.11
NA
CVE-2024-31741
Cross Site Scripting vulnerability in MiniCMS v.1.11 allows a remote malicious user to run arbitrary code via crafted string in the URL after login.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3