Vulnerabilities > Twilightcms

DATE	CVE	VULNERABILITY TITLE	RISK
2013-09-09	CVE-2013-4900	Path Traversal vulnerability in Twilightcms Twilight CMS 5.17 Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote attackers to read arbitrary files via a ..%5c (dot dot encoded backslash) in a GET request. network low complexity twilightcms CWE-22	5.0
2013-09-09	CVE-2013-4899	Cross-Site Scripting vulnerability in Twilightcms Twilight CMS 5.17 Cross-site scripting (XSS) vulnerability in Twilight CMS 5.17 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the gallery/ page. network twilightcms CWE-79	4.3
2009-11-04	CVE-2009-3856	Cross-site Scripting vulnerability in Twilightcms Twilight CMS Cross-site scripting (XSS) vulnerability in the default URI in news/ in Twilight CMS before 4.1 allows remote attackers to inject arbitrary web script or HTML via the calendar parameter. network twilightcms CWE-79	4.3

Vulnerabilities > Twilightcms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Twilightcms"}]}