Vulnerabilities > Maccms

DATE CVE VULNERABILITY TITLE RISK
2023-02-01 CVE-2022-47872 Server-Side Request Forgery (SSRF) vulnerability in Maccms 10.0
A Server-Side Request Forgery (SSRF) in maccms10 v2021.1000.2000 allows attackers to force the application to make arbitrary requests via a crafted payload injected into the Name parameter under the Interface address module.
network
low complexity
maccms CWE-918
8.8
2023-01-06 CVE-2022-44870 Cross-site Scripting vulnerability in Maccms 10.0
A reflected cross-site scripting (XSS) vulnerability in maccms10 v2022.1000.3032 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the AD Management module.
network
low complexity
maccms CWE-79
6.1
2022-08-17 CVE-2022-35148 SQL Injection vulnerability in Maccms 10.0
maccms10 v2021.1000.1081 to v2022.1000.3031 was discovered to contain a SQL injection vulnerability via the table parameter at database/columns.html.
network
low complexity
maccms CWE-89
6.5
2022-06-21 CVE-2022-31302 Cross-site Scripting vulnerability in Maccms 8.0
maccms8 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Server Group text field.
network
low complexity
maccms CWE-79
5.4
2022-06-21 CVE-2022-31303 Cross-site Scripting vulnerability in Maccms 10.0
maccms10 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Server Group text field.
network
low complexity
maccms CWE-79
5.4
2022-03-31 CVE-2021-43707 Cross-site Scripting vulnerability in Maccms 10.0
Cross Site Scripting (XSS) vulnerability exists in Maccms v10 via link_Name parameter.
network
low complexity
maccms CWE-79
6.1
2022-03-25 CVE-2022-26573 Cross-site Scripting vulnerability in Maccms 10.0
Maccms v10 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/art/data.html via the select and input parameters.
network
low complexity
maccms CWE-79
6.1
2022-03-25 CVE-2022-27884 Cross-site Scripting vulnerability in Maccms 10.0
Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/plog/index.html via the wd parameter.
network
low complexity
maccms CWE-79
6.1
2022-03-25 CVE-2022-27885 Cross-site Scripting vulnerability in Maccms 10.0
Maccms v10 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/website/data.html via the select and input parameters.
network
low complexity
maccms CWE-79
6.1
2022-03-25 CVE-2022-27886 Cross-site Scripting vulnerability in Maccms 10.0
Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/ulog/index.html via the wd parameter.
network
low complexity
maccms CWE-79
6.1