Filtered by vendor Waimai Super Cms Project
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-21506 | 1 Waimai Super Cms Project | 1 Waimai Super Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php?m=Config&a=add. | |||||
CVE-2020-21505 | 1 Waimai Super Cms Project | 1 Waimai Super Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php/Link/addsave. | |||||
CVE-2020-21504 | 1 Waimai Super Cms Project | 1 Waimai Super Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php?&m=Public&a=login. | |||||
CVE-2020-21503 | 1 Waimai Super Cms Project | 1 Waimai Super Cms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=gift&a=addsave credit parameter to -1, the product is sold for free. |