MidnightBSD

Advisories for no-cms_project

CVE-2018-18868 MEDIUM

No-CMS 1.1.3 is prone to Persistent XSS via a contact_us name parameter, as demonstrated by the VG48Z5PqVWname parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
no-cms_project no-cms 1.1.3
CVE-2018-19901 LOW

No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article/index/ "article_title" parameter.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
no-cms_project no-cms 1.1.3
CVE-2018-19902 LOW

No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article "keyword" parameter.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
no-cms_project no-cms 1.1.3