compo composr_cms CVE 漏洞(4)

CVE 數: 4 CPE versions: View versions table

摘要

本頁列出影響 compo composr_cms 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。

顯示 144 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2020-37237 Composr CMS 10.0.34 contains a persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the banner management interface. Attackers with admin credentials can inject XSS payloads in the Description field of the Add banner functionality, which execute for all website visitors when they access the home page. [email protected] 5.1 0.24% 2026-05-16 2026-06-16
CVE-2021-38709 In ocProducts Composr CMS before 10.0.38, an attacker can inject JavaScript via the staff_messaging messaging system for XSS. [email protected] 6.1 0.58% 2021-08-15 2026-06-17
CVE-2021-38708 In ocProducts Composr CMS before 10.0.38, an attacker can inject JavaScript via Comcode for XSS. [email protected] 5.4 0.47% 2021-08-15 2026-06-17
CVE-2018-6518 Composr CMS 10.0.13 has XSS via the site_name parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php. [email protected] 4.8 0.80% 2018-04-26 2026-06-16
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence