Vulnerabilities > Razorcms

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-31	CVE-2018-19906	Cross-site Scripting vulnerability in Razorcms 3.4.8 Stored XSS exists in razorCMS 3.4.8 via the /#/page description parameter. network low complexity razorcms CWE-79	5.4
2018-12-31	CVE-2018-19905	Cross-site Scripting vulnerability in Razorcms 3.4.8 HTML injection exists in razorCMS 3.4.8 via the /#/page keywords parameter. network low complexity razorcms CWE-79	5.4
2018-10-05	CVE-2018-17986	Cross-Site Request Forgery (CSRF) vulnerability in Razorcms 3.4.8 rars/user/data in razorCMS 3.4.8 allows CSRF for changing the password of an admin user. network low complexity razorcms CWE-352	8.8
2018-09-12	CVE-2018-16727	Cross-site Scripting vulnerability in Razorcms 3.4.7 razorCMS 3.4.7 allows Stored XSS via the keywords of the homepage within the settings component. network low complexity razorcms CWE-79	5.4
2018-09-12	CVE-2018-16726	Cross-site Scripting vulnerability in Razorcms 3.4.7 razorCMS 3.4.7 allows HTML injection via the description of the homepage within the settings component. network low complexity razorcms CWE-79	5.4

Vulnerabilities > Razorcms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Razorcms"}]}