Vulnerabilities > Mipcms

DATE	CVE	VULNERABILITY TITLE	RISK
2023-05-08	CVE-2020-18132	Cross-site Scripting vulnerability in Mipcms 3.6.0 Cross Site Scripting (XSS) vulnerability in MIPCMS 3.6.0 allows attackers to execute arbitrary code via the category name field to categoryEdit. network low complexity mipcms CWE-79	4.8
2021-09-09	CVE-2020-19263	Cross-Site Request Forgery (CSRF) vulnerability in Mipcms 5.0.1 A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers to arbitrarily escalate user privileges to administrator via index.php?s=/user/ApiAdminUser/itemEdit. network low complexity mipcms CWE-352	8.8
2021-09-09	CVE-2020-19264	Cross-Site Request Forgery (CSRF) vulnerability in Mipcms 5.0.1 A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers to arbitrarily add users via index.php?s=/user/ApiAdminUser/itemAdd. network low complexity mipcms CWE-352	6.5
2021-07-08	CVE-2020-20582	Server-Side Request Forgery (SSRF) vulnerability in Mipcms 5.0.1 A server side request forgery (SSRF) vulnerability in /ApiAdminDomainSettings.php of MipCMS 5.0.1 allows attackers to access sensitive information. network low complexity mipcms CWE-918	7.5

Vulnerabilities > Mipcms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mipcms"}]}