Filtered by vendor Max-3000
Subscribe
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-25413 | 1 Max-3000 | 1 Maxsite Cms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Maxsite CMS v108 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the parameter f_tags at /admin/page_edit/3. | |||||
| CVE-2022-25412 | 1 Max-3000 | 1 Maxsite Cms | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| Maxsite CMS v180 was discovered to contain multiple arbitrary file deletion vulnerabilities in /admin_page/all-files-update-ajax.php via the dir and deletefile parameters. | |||||
| CVE-2022-25411 | 1 Max-3000 | 1 Maxsite Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A Remote Code Execution (RCE) vulnerability at /admin/options in Maxsite CMS v180 allows attackers to execute arbitrary code via a crafted PHP file. | |||||
| CVE-2022-25410 | 1 Max-3000 | 1 Maxsite Cms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Maxsite CMS v180 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the parameter f_file_description at /admin/files. | |||||
| CVE-2021-27983 | 1 Max-3000 | 1 Maxsite Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Remote Code Execution (RCE) vulnerability exists in MaxSite CMS v107.5 via the Documents page. | |||||