Vulnerabilities > 5None
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-08 | CVE-2020-18282 | Cross-site Scripting vulnerability in 5None Nonecms 1.3.0 Cross-site scripting (XSS) vulnerability in NoneCms 1.3.0 allows remote attackers to inject arbitrary web script or HTML via feedback feature. | 6.1 |
| 2021-06-22 | CVE-2020-18646 | Exposure of Resource to Wrong Sphere vulnerability in 5None Nonecms 1.3.0 Information Disclosure in NoneCMS v1.3 allows remote attackers to obtain sensitive information via the component "/public/index.php". | 7.5 |
| 2021-06-22 | CVE-2020-18647 | Exposure of Resource to Wrong Sphere vulnerability in 5None Nonecms 1.3.0 Information Disclosure in NoneCMS v1.3 allows remote attackers to obtain sensitive information via the component "/nonecms/vendor". | 7.5 |
| 2021-05-10 | CVE-2020-23371 | Cross-site Scripting vulnerability in 5None Nonecms 1.3.0 Cross-site scripting (XSS) vulnerability in static/admin/js/kindeditor/plugins/multiimage/images/swfupload.swf in noneCms v1.3.0 allows remote attackers to inject arbitrary web script or HTML via the movieName parameter. | 6.1 |
| 2021-05-10 | CVE-2020-23373 | Cross-site Scripting vulnerability in 5None Nonecms 1.3.0 Cross-site scripting (XSS) vulnerability in admin/nav/add.html in noneCMS v1.3.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the name parameter. | 5.4 |
| 2021-05-10 | CVE-2020-23374 | Cross-site Scripting vulnerability in 5None Nonecms 1.3.0 Cross-site scripting (XSS) vulnerability in admin/article/add.html in noneCMS v1.3.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the name parameter. | 5.4 |
| 2021-05-10 | CVE-2020-23376 | Cross-Site Request Forgery (CSRF) vulnerability in 5None Nonecms 1.3.0 NoneCMS v1.3 has a CSRF vulnerability in public/index.php/admin/nav/add.html, as demonstrated by adding a navigation column which can be injected with arbitrary web script or HTML via the name parameter to launch a stored XSS attack. | 6.1 |
| 2019-09-23 | CVE-2019-16721 | Cross-Site Request Forgery (CSRF) vulnerability in 5None Nonecms 1.3.0 NoneCMS v1.3 has CSRF in public/index.php/admin/admin/dele.html, as demonstrated by deleting the admin user. | 6.5 |
| 2018-12-11 | CVE-2018-20062 | Unspecified vulnerability in 5None Nonecms 1.3.0 An issue was discovered in NoneCms V1.3. | 9.8 |
| 2018-02-19 | CVE-2018-7219 | Cross-Site Request Forgery (CSRF) vulnerability in 5None Nonecms 1.3.0 application/admin/controller/Admin.php in NoneCms 1.3.0 has CSRF, as demonstrated by changing an admin password or adding an account via a public/index.php/admin/admin/edit.html request. | 8.8 |