Vulnerabilities > Maccms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-01 | CVE-2022-47872 | Server-Side Request Forgery (SSRF) vulnerability in Maccms 10.0 A Server-Side Request Forgery (SSRF) in maccms10 v2021.1000.2000 allows attackers to force the application to make arbitrary requests via a crafted payload injected into the Name parameter under the Interface address module. | 8.8 |
| 2023-01-06 | CVE-2022-44870 | Cross-site Scripting vulnerability in Maccms 10.0 A reflected cross-site scripting (XSS) vulnerability in maccms10 v2022.1000.3032 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the AD Management module. | 6.1 |
| 2022-08-17 | CVE-2022-35148 | SQL Injection vulnerability in Maccms 10.0 maccms10 v2021.1000.1081 to v2022.1000.3031 was discovered to contain a SQL injection vulnerability via the table parameter at database/columns.html. | 6.5 |
| 2022-06-21 | CVE-2022-31302 | Cross-site Scripting vulnerability in Maccms 8.0 maccms8 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Server Group text field. | 5.4 |
| 2022-06-21 | CVE-2022-31303 | Cross-site Scripting vulnerability in Maccms 10.0 maccms10 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Server Group text field. | 5.4 |
| 2022-03-31 | CVE-2021-43707 | Cross-site Scripting vulnerability in Maccms 10.0 Cross Site Scripting (XSS) vulnerability exists in Maccms v10 via link_Name parameter. | 6.1 |
| 2022-03-25 | CVE-2022-26573 | Cross-site Scripting vulnerability in Maccms 10.0 Maccms v10 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/art/data.html via the select and input parameters. | 6.1 |
| 2022-03-25 | CVE-2022-27884 | Cross-site Scripting vulnerability in Maccms 10.0 Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/plog/index.html via the wd parameter. | 6.1 |
| 2022-03-25 | CVE-2022-27885 | Cross-site Scripting vulnerability in Maccms 10.0 Maccms v10 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/website/data.html via the select and input parameters. | 6.1 |
| 2022-03-25 | CVE-2022-27886 | Cross-site Scripting vulnerability in Maccms 10.0 Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/ulog/index.html via the wd parameter. | 6.1 |