Vulnerabilities > Wolfcms

DATE CVE VULNERABILITY TITLE RISK
2020-02-19 CVE-2012-1932 Cross-site Scripting vulnerability in Wolfcms Wolf CMS
A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers to inject arbitrary web script or HTML via the setting[admin_email] parameter to admin/setting.
network
wolfcms CWE-79
3.5
2019-04-25 CVE-2018-18824 Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1
WolfCMS v0.8.3.1 allows XSS via an SVG file to /?/admin/plugin/file_manager/browse/.
network
wolfcms CWE-79
3.5
2019-04-25 CVE-2018-18823 Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1
WolfCMS 0.8.3.1 allows XSS via an SVG file to /?/admin/plugin/file_manager/browse/.
network
wolfcms CWE-79
3.5
2019-03-30 CVE-2019-10646 Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1
Wolf CMS v0.8.3.1 is affected by cross site scripting (XSS) in the module Add Snippet (/?/admin/snippet/add).
network
wolfcms CWE-79
4.3
2018-08-25 CVE-2018-15842 Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1
WolfCMS 0.8.3.1 has XSS via the /?/admin/page/add slug parameter.
network
wolfcms CWE-79
3.5
2018-08-10 CVE-2018-14837 Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1
Wolf CMS 0.8.3.1 has XSS in the Snippets tab, as demonstrated by a ?/admin/snippet/edit/1 URI.
network
wolfcms CWE-79
3.5
2018-04-04 CVE-2018-8814 Cross-Site Request Forgery (CSRF) vulnerability in Wolfcms Wolf CMS 0.8.3.1
Cross-site request forgery (CSRF) vulnerability in WolfCMS 0.8.3.1 allows remote attackers to hijack the authentication of users for requests that modify plugin/[pluginname]/settings by crafting a malicious request.
network
wolfcms CWE-352
5.8
2018-04-04 CVE-2018-8813 Open Redirect vulnerability in Wolfcms Wolf CMS 0.8.3.1
Open redirect vulnerability in the login[redirect] parameter login functionality in WolfCMS 0.8.3.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL.
network
wolfcms CWE-601
4.9
2018-03-13 CVE-2018-1000087 Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1
WolfCMS version version 0.8.3.1 contains a Reflected Cross Site Scripting vulnerability in "Create New File" and "Create New Directory" input box from 'files' Tab that can result in Session Hijacking, Spread Worms,Control the browser remotely.
network
wolfcms CWE-79
3.5
2018-03-13 CVE-2018-1000084 Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1
WOlfCMS WolfCMS version version 0.8.3.1 contains a Stored Cross-Site Scripting vulnerability in Layout Name (from Layout tab) that can result in low privilege user can steal the cookie of admin user and compromise the admin account.
network
wolfcms CWE-79
3.5