compo composr_cms の CVE(4 件)

CVE 件数: 4 CPE versions: View versions table

概要

本ページは compo composr_cms に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。

表示中 14 / 4 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2020-37237 Composr CMS 10.0.34 contains a persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the banner management interface. Attackers with admin credentials can inject XSS payloads in the Description field of the Add banner functionality, which execute for all website visitors when they access the home page. [email protected] 5.1 0.24% 2026-05-16 2026-06-16
CVE-2021-38709 In ocProducts Composr CMS before 10.0.38, an attacker can inject JavaScript via the staff_messaging messaging system for XSS. [email protected] 6.1 0.58% 2021-08-15 2026-06-17
CVE-2021-38708 In ocProducts Composr CMS before 10.0.38, an attacker can inject JavaScript via Comcode for XSS. [email protected] 5.4 0.47% 2021-08-15 2026-06-17
CVE-2018-6518 Composr CMS 10.0.13 has XSS via the site_name parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php. [email protected] 4.8 0.80% 2018-04-26 2026-06-16
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence