Vulnerabilities > Wolfcms > Wolf CMS > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-19 | CVE-2012-1932 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers to inject arbitrary web script or HTML via the setting[admin_email] parameter to admin/setting. | 3.5 |
| 2019-04-25 | CVE-2018-18823 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 WolfCMS 0.8.3.1 allows XSS via an SVG file to /?/admin/plugin/file_manager/browse/. | 3.5 |
| 2019-04-25 | CVE-2018-18824 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 WolfCMS v0.8.3.1 allows XSS via an SVG file to /?/admin/plugin/file_manager/browse/. | 3.5 |
| 2018-08-25 | CVE-2018-15842 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 WolfCMS 0.8.3.1 has XSS via the /?/admin/page/add slug parameter. | 3.5 |
| 2018-08-10 | CVE-2018-14837 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 Wolf CMS 0.8.3.1 has XSS in the Snippets tab, as demonstrated by a ?/admin/snippet/edit/1 URI. | 3.5 |
| 2018-03-13 | CVE-2018-1000084 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 WOlfCMS WolfCMS version version 0.8.3.1 contains a Stored Cross-Site Scripting vulnerability in Layout Name (from Layout tab) that can result in low privilege user can steal the cookie of admin user and compromise the admin account. | 3.5 |
| 2018-03-13 | CVE-2018-1000087 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 WolfCMS version version 0.8.3.1 contains a Reflected Cross Site Scripting vulnerability in "Create New File" and "Create New Directory" input box from 'files' Tab that can result in Session Hijacking, Spread Worms,Control the browser remotely. | 3.5 |
| 2018-02-22 | CVE-2018-6890 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 Cross-site scripting (XSS) vulnerability in Wolf CMS 0.8.3.1 via the page editing feature, as demonstrated by /?/admin/page/edit/3. | 3.5 |
| 2017-09-08 | CVE-2017-11611 | Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. | 3.5 |