Vulnerabilities > Dotcms

DATE	CVE	VULNERABILITY TITLE	RISK
2012-06-08	CVE-2012-1826	Permissions, Privileges, and Access Controls vulnerability in Dotcms 1.9/1.9.2.1 dotCMS 1.9 before 1.9.5.1 allows remote authenticated users to execute arbitrary Java code via a crafted (1) XSLT or (2) Velocity template. network dotcms CWE-264	6.0
2008-08-19	CVE-2008-3708	Path Traversal vulnerability in Dotcms 1.6.0.9 Multiple directory traversal vulnerabilities in dotCMS 1.6.0.9 allow remote attackers to read arbitrary files via a .. network dotcms CWE-22	4.3
2008-05-21	CVE-2008-2397	Cross-Site Scripting vulnerability in Dotcms Cross-site scripting (XSS) vulnerability in search-results.dot in dotCMS 1.x allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. network dotcms CWE-79	4.3

Vulnerabilities > Dotcms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Dotcms"}]}