Evolutioncms Evolution vulnerabilities
4 known vulnerabilities affecting evolutioncms/evolution.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2018-16638P4MEDIUM≥ 1.4.0, < 1.4.62022-05-14
CVE-2018-16638 [MEDIUM] CWE-79 Evolution CMS Cross-site Scripting (XSS)
Evolution CMS Cross-site Scripting (XSS)
Evolution CMS 1.4.x prior to 1.4.6 allows XSS via the manager/ search parameter.
ghsaosv
CVE-2023-43341P4MEDIUM≥ 0, ≤ 3.2.32023-10-20
CVE-2023-43341 [MEDIUM] CWE-79 Evolution CMS Cross-site Scripting vulnerability
Evolution CMS Cross-site Scripting vulnerability
Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected uid parameter.
ghsaosv
CVE-2018-16637P4MEDIUM≥ 1.4, < 1.4.62022-05-14
CVE-2018-16637 [MEDIUM] CWE-79 Evolution CMS Stored Cross-site Scripting (XSS)
Evolution CMS Stored Cross-site Scripting (XSS)
Evolution CMS 1.4.x prior to 1.4.6 allows XSS via the page weblink title parameter to the manager/ URI.
ghsaosv
CVE-2023-43340P4MEDIUM≥ 0, ≤ 3.2.32023-10-20
CVE-2023-43340 [MEDIUM] CWE-79 Evolution CMS Cross-site Scripting vulnerability
Evolution CMS Cross-site Scripting vulnerability
Cross-site scripting (XSS) vulnerability in evolution v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected into the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters
ghsaosv