Vulnerabilities > Moderncampus

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-13	CVE-2023-35859	Cross-site Scripting vulnerability in Moderncampus Omni CMS 2023.1 A Reflected Cross-Site Scripting (XSS) vulnerability in the blog function of Modern Campus - Omni CMS 2023.1 allows a remote attacker to inject arbitrary scripts or HTML via multiple parameters. network low complexity moderncampus CWE-79	6.1
2024-06-13	CVE-2023-35860	Path Traversal vulnerability in Moderncampus Omni CMS 2023.1 A Directory Traversal vulnerability in Modern Campus - Omni CMS 2023.1 allows a remote, unauthenticated attacker to enumerate file system information via the dir parameter to listing.php or rss.php. network low complexity moderncampus CWE-22	5.3
2022-09-18	CVE-2022-40766	SQL Injection vulnerability in Moderncampus Omni CMS 10.2.4 Modern Campus Omni CMS (formerly OU Campus) 10.2.4 allows login-page SQL injection via a '" OR 1 = 1 -- - , <?php' substring. network low complexity moderncampus CWE-89 critical	9.8

Vulnerabilities > Moderncampus {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Moderncampus"}]}