MidnightBSD

Advisories for chemcms_project

CVE-2018-10295 MEDIUM

ChemCMS v1.0.6 has CSRF by using public/admin/user/addpost.html to add an administrator account.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
chemcms_project chemcms 1.0.6
CVE-2018-16346 LOW

ChemCMS 1.0.6 has XSS via the "setting -> website information" field.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
chemcms_project chemcms 1.0.6