Mara Cms Project Mara Cms vulnerabilities
3 known vulnerabilities affecting mara_cms_project/mara_cms.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2020-24223P3MEDIUMCVSS 6.1PoCv7.52020-08-30
CVE-2020-24223 [MEDIUM] CWE-79 CVE-2020-24223: Mara CMS 7.5 allows cross-site scripting (XSS) in contact.php via the theme or pagetheme parameters.
Mara CMS 7.5 allows cross-site scripting (XSS) in contact.php via the theme or pagetheme parameters.
nvd
CVE-2021-36547P2CRITICALCVSS 9.8v7.52021-10-28
CVE-2021-36547 [CRITICAL] CWE-434 CVE-2021-36547: A remote code execution (RCE) vulnerability in the component /codebase/dir.php?type=filenew of Mara
A remote code execution (RCE) vulnerability in the component /codebase/dir.php?type=filenew of Mara v7.5 allows attackers to execute arbitrary commands via a crafted PHP file.
nvd
CVE-2020-25422P4MEDIUMCVSS 5.4v7.52021-10-28
CVE-2020-25422 [MEDIUM] CWE-79 CVE-2020-25422: A cross site scripting (XSS) vulnerability in menuedit.php of Mara CMS 7.5 allows attackers to execu
A cross site scripting (XSS) vulnerability in menuedit.php of Mara CMS 7.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
nvd