Vulnerabilities > Wolfcms
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-09 | CVE-2019-25070 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in WolfCMS up to 0.8.3.1. | 6.1 |
2020-02-19 | CVE-2012-1932 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers to inject arbitrary web script or HTML via the setting[admin_email] parameter to admin/setting. | 4.8 |
2019-04-25 | CVE-2018-18824 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 WolfCMS v0.8.3.1 allows XSS via an SVG file to /?/admin/plugin/file_manager/browse/. | 4.8 |
2019-04-25 | CVE-2018-18823 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 WolfCMS 0.8.3.1 allows XSS via an SVG file to /?/admin/plugin/file_manager/browse/. | 4.8 |
2019-03-30 | CVE-2019-10646 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 Wolf CMS v0.8.3.1 is affected by cross site scripting (XSS) in the module Add Snippet (/?/admin/snippet/add). | 6.1 |
2018-08-25 | CVE-2018-15842 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 WolfCMS 0.8.3.1 has XSS via the /?/admin/page/add slug parameter. | 4.8 |
2018-08-10 | CVE-2018-14837 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 Wolf CMS 0.8.3.1 has XSS in the Snippets tab, as demonstrated by a ?/admin/snippet/edit/1 URI. | 4.8 |
2018-04-04 | CVE-2018-8814 | Cross-Site Request Forgery (CSRF) vulnerability in Wolfcms Wolf CMS 0.8.3.1 Cross-site request forgery (CSRF) vulnerability in WolfCMS 0.8.3.1 allows remote attackers to hijack the authentication of users for requests that modify plugin/[pluginname]/settings by crafting a malicious request. | 6.5 |
2018-04-04 | CVE-2018-8813 | Open Redirect vulnerability in Wolfcms Wolf CMS 0.8.3.1 Open redirect vulnerability in the login[redirect] parameter login functionality in WolfCMS 0.8.3.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL. | 4.8 |
2018-03-13 | CVE-2018-1000087 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 WolfCMS version version 0.8.3.1 contains a Reflected Cross Site Scripting vulnerability in "Create New File" and "Create New Directory" input box from 'files' Tab that can result in Session Hijacking, Spread Worms,Control the browser remotely. | 4.8 |