Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 01/10/2012 Updated: 02/10/2012

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in wolfcms/admin/user/add in Wolf CMS 0.75 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) user[name], (2) user[email], or (3) user[username] parameters.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ivano binetti wolf cms

+--------------------------------------------------------------------------------------------------------------------------------+ # Exploit Title : Wolfcms <= 075 Multiple Vulnerabilities (CSRF - XSS) # Date : 22-03-2012 # Author : Ivano Binetti (wwwivanobinetticom) # Software link : wolfcmsgooglec ...

CWE-79 http://www.webapp-security.com/wp-content/uploads/2012/03/Wolfcms-0.75-Multiple-Vulnerabilities-CSRF-XSS.txt http://www.webapp-security.com/2012/03/wolfcms/http://packetstormsecurity.org/files/111116/Wolfcms-0.75-Cross-Site-Request-Forgery-Cross-Site-Scripting.html https://nvd.nist.gov https://www.exploit-db.com/exploits/18652/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-1898

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect