Vulnerability Details CVE-2018-8957
CoverCMS v1.1.6 has XSS via the fourth input box to index.php, related to admina/mconfigs.inc.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 48.0%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
- https://github.com/ttylx/Cve_reveal
- https://github.com/ttylx/Cve_reveal/blob/master/CoverCMS_01/Covercms_1.md
- https://github.com/ttylx/Cve_reveal/blob/master/CoverCMS_01/re.md
- https://github.com/ttylx/Cve_reveal
- https://github.com/ttylx/Cve_reveal/blob/master/CoverCMS_01/Covercms_1.md
- https://github.com/ttylx/Cve_reveal/blob/master/CoverCMS_01/re.md
Products affected by CVE-2018-8957
-
cpe:2.3:a:covercms_project:covercms:1.1.6