Amirocms Amiro.Cms vulnerabilities
2 known vulnerabilities affecting amirocms/amiro.cms.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2009-3803P4MEDIUMCVSS 4.3PoC≤ 5.4.0.0v4.0.8.0+10 more2009-10-27
CVE-2009-3803 [MEDIUM] CWE-79 CVE-2009-3803: Multiple cross-site scripting (XSS) vulnerabilities in Amiro.CMS 5.4.0.0 and earlier allow remote at
Multiple cross-site scripting (XSS) vulnerabilities in Amiro.CMS 5.4.0.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the status_message parameter to (1) /news, (2) /comment, (3) /forum, (4) /blog, and (5) /tags; the status_message parameter to (6) forum.php, (7) discussion.php, (8) guestbook.php, (9) blog.php, (10) new
nvd
CVE-2009-3802P4MEDIUMCVSS 5.0PoC≤ 5.4.0.0v4.0.8.0+10 more2009-10-27
CVE-2009-3802 [MEDIUM] CWE-20 CVE-2009-3802: Amiro.CMS 5.4.0.0 and earlier allows remote attackers to obtain sensitive information via an invalid
Amiro.CMS 5.4.0.0 and earlier allows remote attackers to obtain sensitive information via an invalid loginname ("%%%") to _admin/index.php, which reveals the installation path and other information in an error message.
nvd