Published: 23/03/2015 Updated: 03/12/2016

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in MetalGenix GeniXCMS prior to 0.0.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) cat parameter in the categories page to gxadmin/index.php or (2) page parameter to index.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
genixcms genixcms

GeniXCMS v001 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: wwwgenixcmsorg Affected version: 001 Summary: GenixCMS is a PHP Based Content Management System and Framework (CMSF) It's a simple and lightweight of CMSF Very suitable for Intermediate PHP developer to Advanced Developer Some manual c ...

CWE-79 http://osvdb.org/show/osvdb/119394 https://github.com/semplon/GeniXCMS/issues/7 http://blog.metalgenix.com/genixcms-v0-0-2-release-security-and-bug-fixes/17 http://packetstormsecurity.com/files/130771/GeniXCMS-0.0.1-Cross-Site-Scripting.html https://github.com/semplon/GeniXCMS/commit/698245488343396185b1b49e7482ee5b25541815 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5233.php http://www.exploit-db.com/exploits/36321 http://www.securityfocus.com/bid/73301 https://nvd.nist.gov https://www.exploit-db.com/exploits/36321/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-2678

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect