Vulnerabilities > Maccms

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-11	CVE-2020-21363	Externally Controlled Reference to a Resource in Another Sphere vulnerability in Maccms 10.0 An arbitrary file deletion vulnerability exists within Maccms10. network low complexity maccms CWE-610	5.5
2019-06-07	CVE-2018-19465	Cross-site Scripting vulnerability in Maccms Maccms through 8.0 allows XSS via the site_keywords field to index.php?m=system-config because of tpl/module/system.php and tpl/html/system_config.html, related to template/paody/html/vod_index.html. network maccms CWE-79	4.3
2019-03-15	CVE-2019-9829	Code Injection vulnerability in Maccms 10.0 Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a template/default_pc/html/art Edit action. network low complexity maccms CWE-94	6.5
2019-02-27	CVE-2019-8410	Cross-site Scripting vulnerability in Maccms Maccms 8.0 allows XSS via the inc/config/cache.php t_key parameter because template/paody/html/vod_type.html mishandles the keywords parameter, and a/tpl/module/db.php only filters the t_name parameter (not t_key). network maccms CWE-79	4.3
2018-06-14	CVE-2018-12114	Cross-Site Request Forgery (CSRF) vulnerability in Maccms 10.0 Maccms 10 allows CSRF via admin.php/admin/admin/info.html to add user accounts. network maccms CWE-352	6.8
2017-12-18	CVE-2017-17733	Unspecified vulnerability in Maccms 8.0 Maccms 8.x allows remote command execution via the wd parameter in an index.php?m=vod-search request. network low complexity maccms	7.5

Vulnerabilities > Maccms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Maccms"}]}