Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Minicms
(1234n)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 28 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-08-31 | CVE-2018-16298 | An issue was discovered in MiniCMS 1.10. There is an mc-admin/post.php?tag= XSS vulnerability for a state=delete, state=draft, or state=publish request. | Minicms | 6.1 | ||
| 2018-08-30 | CVE-2018-16233 | MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter. | Minicms | 6.1 | ||
| 2018-08-27 | CVE-2018-15899 | An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS vulnerability. | Minicms | 6.1 | ||
| 2018-04-26 | CVE-2018-10424 | mc-admin/post-edit.php in MiniCMS 1.10 allows full path disclosure via a modified id field. | Minicms | 2.7 | ||
| 2018-04-26 | CVE-2018-10423 | mc-admin/post.php in MiniCMS 1.10 allows remote attackers to obtain a directory listing of the top-level directory of the web root via a link that becomes available after posting an article. | Minicms | 2.7 | ||
| 2018-04-22 | CVE-2018-10296 | MiniCMS V1.10 has XSS via the mc-admin/post-edit.php title parameter. | Minicms | 6.1 | ||
| 2018-04-19 | CVE-2018-10227 | MiniCMS v1.10 has XSS via the mc-admin/conf.php site_link parameter. | Minicms | 5.4 | ||
| 2018-08-20 | CVE-2018-1000638 | MiniCMS version 1.1 contains a Cross Site Scripting (XSS) vulnerability in http://example.org/mc-admin/page.php?date={payload} that can result in code injection. | Minicms | 6.1 |