Vulnerabilities > Cotonti
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-08 | CVE-2024-24115 | Cross-site Scripting vulnerability in Cotonti Siena 0.9.24 A stored cross-site scripting (XSS) vulnerability in the Edit Page function of Cotonti CMS v0.9.24 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload. | 5.4 |
2013-08-09 | CVE-2013-4789 | SQL Injection vulnerability in Cotonti Siena SQL injection vulnerability in modules/rss/rss.php in Cotonti before 0.9.14 allows remote attackers to execute arbitrary SQL commands via the "c" parameter to index.php. | 7.5 |