Vulnerabilities > 5None

DATE	CVE	VULNERABILITY TITLE	RISK
2023-05-08	CVE-2020-18282	Cross-site Scripting vulnerability in 5None Nonecms 1.3.0 Cross-site scripting (XSS) vulnerability in NoneCms 1.3.0 allows remote attackers to inject arbitrary web script or HTML via feedback feature. network low complexity 5none CWE-79	6.1
2021-06-22	CVE-2020-18646	Exposure of Resource to Wrong Sphere vulnerability in 5None Nonecms 1.3.0 Information Disclosure in NoneCMS v1.3 allows remote attackers to obtain sensitive information via the component "/public/index.php". network low complexity 5none CWE-668	5.0
2021-06-22	CVE-2020-18647	Exposure of Resource to Wrong Sphere vulnerability in 5None Nonecms 1.3.0 Information Disclosure in NoneCMS v1.3 allows remote attackers to obtain sensitive information via the component "/nonecms/vendor". network low complexity 5none CWE-668	5.0
2021-05-10	CVE-2020-23371	Cross-site Scripting vulnerability in 5None Nonecms 1.3.0 Cross-site scripting (XSS) vulnerability in static/admin/js/kindeditor/plugins/multiimage/images/swfupload.swf in noneCms v1.3.0 allows remote attackers to inject arbitrary web script or HTML via the movieName parameter. network 5none CWE-79	4.3
2021-05-10	CVE-2020-23373	Cross-site Scripting vulnerability in 5None Nonecms 1.3.0 Cross-site scripting (XSS) vulnerability in admin/nav/add.html in noneCMS v1.3.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the name parameter. network 5none CWE-79	3.5
2021-05-10	CVE-2020-23374	Cross-site Scripting vulnerability in 5None Nonecms 1.3.0 Cross-site scripting (XSS) vulnerability in admin/article/add.html in noneCMS v1.3.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the name parameter. network 5none CWE-79	3.5
2021-05-10	CVE-2020-23376	Cross-Site Request Forgery (CSRF) vulnerability in 5None Nonecms 1.3.0 NoneCMS v1.3 has a CSRF vulnerability in public/index.php/admin/nav/add.html, as demonstrated by adding a navigation column which can be injected with arbitrary web script or HTML via the name parameter to launch a stored XSS attack. network low complexity 5none CWE-352	6.1
2019-09-23	CVE-2019-16721	Cross-Site Request Forgery (CSRF) vulnerability in 5None Nonecms 1.3.0 NoneCMS v1.3 has CSRF in public/index.php/admin/admin/dele.html, as demonstrated by deleting the admin user. network 5none CWE-352	5.8
2018-12-11	CVE-2018-20062	Improper Input Validation vulnerability in 5None Nonecms 1.3.0 An issue was discovered in NoneCms V1.3. network low complexity 5none CWE-20	7.5
2018-02-19	CVE-2018-7219	Cross-Site Request Forgery (CSRF) vulnerability in 5None Nonecms 1.3.0 application/admin/controller/Admin.php in NoneCms 1.3.0 has CSRF, as demonstrated by changing an admin password or adding an account via a public/index.php/admin/admin/edit.html request. network 5none CWE-352	6.8

Vulnerabilities > 5None {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"5None"}]}

Vulnerabilities > 5None