Vulnerabilities > Maccms

DATE CVE VULNERABILITY TITLE RISK
2022-03-31 CVE-2021-43707 Cross-site Scripting vulnerability in Maccms 10.0
Cross Site Scripting (XSS) vulnerability exists in Maccms v10 via link_Name parameter.
network
maccms CWE-79
4.3
2022-03-25 CVE-2022-26573 Cross-site Scripting vulnerability in Maccms 10.0
Maccms v10 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/art/data.html via the select and input parameters.
network
maccms CWE-79
4.3
2022-03-25 CVE-2022-27884 Cross-site Scripting vulnerability in Maccms 10.0
Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/plog/index.html via the wd parameter.
network
maccms CWE-79
4.3
2022-03-25 CVE-2022-27885 Cross-site Scripting vulnerability in Maccms 10.0
Maccms v10 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/website/data.html via the select and input parameters.
network
maccms CWE-79
4.3
2022-03-25 CVE-2022-27886 Cross-site Scripting vulnerability in Maccms 10.0
Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/ulog/index.html via the wd parameter.
network
maccms CWE-79
4.3
2022-03-25 CVE-2022-27887 Cross-site Scripting vulnerability in Maccms 10.0
Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/vod/data.html via the repeat parameter.
network
maccms CWE-79
4.3
2022-03-16 CVE-2021-45786 Improper Authentication vulnerability in Maccms 10.0
In maccms v10, an attacker can log in through /index.php/user/login in the "col" and "openid" parameters to gain privileges.
network
low complexity
maccms CWE-287
7.5
2022-03-16 CVE-2021-45787 Cross-site Scripting vulnerability in Maccms 10.0
There is a stored Cross Site Scripting (XSS) vulnerability in maccms v10 through adding videos.
network
maccms CWE-79
3.5
2021-10-04 CVE-2020-21434 Cross-site Scripting vulnerability in Maccms 10.0
Maccms 10 contains a cross-site scripting (XSS) vulnerability in the Editing function under the Member module.
network
maccms CWE-79
3.5
2021-10-04 CVE-2020-21386 Cross-Site Request Forgery (CSRF) vulnerability in Maccms 10.0
A Cross-Site Request Forgery (CSRF) in the component admin.php/admin/type/info.html of Maccms 10 allows attackers to gain administrator privileges.
network
maccms CWE-352
6.8