gleeztech 漏洞與 CVE 列表(4)

產品(CPE): — CVE 數: 4

gleeztech 漏洞概覽

彙總 gleeztech 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

歷史漏洞主要涉及 跨站腳本與CSRF 等問題,部分漏洞可能導致 工作階段劫持,並影響 軟體部署與生產負載 相關場景。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 144 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2018-16704 An issue was discovered in Gleez CMS v1.2.0. Because of an Insecure Direct Object Reference vulnerability, it is possible for attackers (logged in users) to view profile page of other users, as demonstrated by navigating to user/3 on demo.gleezcms.org. [email protected] 4.3 0.77% 2018-09-07 2026-06-16
CVE-2018-16703 A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker to perform multiple user enumerations, which can further help an attacker to perform login attempts in excess of the configured login attempt limit. The vulnerability is due to insufficient server-side access control and login attempt limit enforcement. An attacker could exploit this vulnerability by sending modified login attempts to the Portal login page. An exploit could allow the attacker to ide [email protected] 5.3 1.53% 2018-09-07 2026-06-16
CVE-2018-1999021 Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting (XSS) vulnerability in Profile page that can result in Inject arbitrary web script or HTML via the profile page editor. This attack appear to be exploitable via The victim must navigate to the attacker's profile page. [email protected] 5.4 0.65% 2018-07-23 2026-06-16
CVE-2018-13340 Gleez CMS 1.2.0 has CSRF, as demonstrated by a /page/add request. [email protected] 8.8 0.65% 2018-07-05 2026-06-16
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence