CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-1000087

WolfCMS version version 0.8.3.1 contains a Reflected Cross Site Scripting vulnerability in "Create New File" and "Create New Directory" input box from 'files' Tab that can result in Session Hijacking, Spread Worms,Control the browser remotely. . This attack appear to be exploitable via Attacker can execute the JavaScript into the "Create New File" and "Create New Directory" input box from 'files'.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.6%

CVSS Severity

CVSS v3 Score 4.8

CVSS v2 Score 3.5

References

https://cveexploit.blogspot.in/
https://github.com/wolfcms/wolfcms/issues/666
https://cveexploit.blogspot.in/
https://github.com/wolfcms/wolfcms/issues/666

Products affected by CVE-2018-1000087

Wolfcms » Wolf Cms » Version: 0.8.3.1

cpe:2.3:a:wolfcms:wolf_cms:0.8.3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1000087

Products

Pricing

Contact Us