Vulnerabilities > Maxsite

DATE CVE VULNERABILITY TITLE RISK
2023-07-03 CVE-2023-36291 Cross-site Scripting vulnerability in Maxsite CMS 108.7
Cross Site Scripting vulnerability in Maxsite CMS v.108.7 allows a remote attacker to execute arbitrary code via the f_content parameter in the admin/page_new file.
network
low complexity
maxsite CWE-79
6.1
2021-08-03 CVE-2021-35265 Cross-site Scripting vulnerability in Maxsite CMS
A reflected cross-site scripting (XSS) vulnerability in MaxSite CMS before V106 via product/page/* allows remote attackers to inject arbitrary web script to a page.
network
maxsite CWE-79
4.3
2008-05-28 CVE-2008-2487 SQL Injection vulnerability in Maxsite
SQL injection vulnerability in index.php in MAXSITE 1.10 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter in a webboard action.
network
low complexity
maxsite CWE-89
7.5