MidnightBSD

Advisories for companymaps_project

CVE-2023-29808

Cross Site Scripting (XSS) vulnerability in vogtmh cmaps (companymaps) 8.0 allows attackers to execute arbitrary code.

Products Affected

Vendor Product Version
companymaps_project companymaps 8.0
CVE-2023-29809

SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request.

Products Affected

Vendor Product Version
companymaps_project companymaps 8.0
CVE-2023-29983

Cross Site Scripting vulnerability found in Maximilian Vogt cmaps v.8.0 allows a remote attacker to execute arbitrary code via the auditlog tab in the admin panel.

Products Affected

Vendor Product Version
companymaps_project companymaps 8.0