x3cms CVE Vulnerabilities & CVE List (3)

Products (CPE): — CVEs: 3

x3cms vulnerability overview

Aggregates CVE and security vulnerability intelligence across all x3cms-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Common weakness patterns include vendor risk cross-site scripting and vendor risk csrf, with potential vendor impact session compromise across vendor surface production workloads and vendor surface software deployment use cases.

Vulnerability distribution trend (last 24 months)

Showing 13 of 3 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2014-8772 Cross-site scripting (XSS) vulnerability in the search_controller in X3 CMS 0.5.1 and 0.5.1.1 allows remote authenticated users to inject arbitrary web script or HTML via the search parameter. [email protected] 3.5 0.18% 2014-12-03 2026-05-06
CVE-2014-8771 Multiple cross-site request forgery (CSRF) vulnerabilities in the admin area in X3 CMS 0.5.1 and 0.5.1.1 allow remote attackers to hijack the authentication of administrators via unspecified vectors. [email protected] 6.8 0.11% 2014-12-03 2026-05-06
CVE-2011-5255 Multiple cross-site scripting (XSS) vulnerabilities in admin/login in X3 CMS 0.4.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO, (2) username, or (3) password parameter. [email protected] 4.3 0.62% 2013-01-31 2026-04-29
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence