Vulnerabilities > Chaoji CMS Project

DATE CVE VULNERABILITY TITLE RISK
2023-06-27 CVE-2020-18414 Cross-site Scripting vulnerability in Chaoji CMS Project Chaoji CMS 2.18
Stored cross site scripting (XSS) vulnerability in Chaoji CMS v2.18 that allows attackers to execute arbitrary code via /index.php?admin-master-webset.
network
low complexity
chaoji-cms-project CWE-79
4.8
2023-06-27 CVE-2020-18410 Cross-site Scripting vulnerability in Chaoji CMS Project Chaoji CMS 2.18
A stored cross site scripting (XSS) vulnerability in /index.php?admin-master-article-edit of Chaoji CMS v2.18 that allows attackers to obtain administrator privileges.
network
low complexity
chaoji-cms-project CWE-79
4.8
2023-06-27 CVE-2020-18413 Cross-site Scripting vulnerability in Chaoji CMS Project Chaoji CMS 2.18
Stored cross site scripting (XSS) vulnerability in /index.php?admin-master-navmenu-add of Chaoji CMS v2.18 that allows attackers to execute arbitrary code.
network
low complexity
chaoji-cms-project CWE-79
4.8
2021-10-14 CVE-2020-19962 Cross-site Scripting vulnerability in Chaoji CMS Project Chaoji CMS 2.39
A stored cross-site scripting (XSS) vulnerability in the getClientIp function in /lib/tinwin.class.php of Chaoji CMS 2.39, allows attackers to execute arbitrary web scripts.
network
low complexity
chaoji-cms-project CWE-79
5.4