CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Wolfcms: >> Wolf Cms >> 0.8.3.1 Security Vulnerabilities

CVE-2018-6890

Cross-site scripting (XSS) vulnerability in Wolf CMS 0.8.3.1 via the page editing feature, as demonstrated by /?/admin/page/edit/3.

CVSS Score

4.8

EPSS Score

0.003

Published

2018-02-22

CVE-2017-11611

Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. The vulnerability exists due to insufficient sanitization of the file name in a "create-file-popup" action, and the directory name in a "create-directory-popup" action, in the HTTP POST method to the "/plugin/file_manager/" script (aka an /admin/plugin/file_manager/browse// URI).

CVSS Score

5.4

EPSS Score

0.013

Published

2017-09-08

Page 2

Vulnerabilities

Vulnerable Software

Wolfcms: >> Wolf Cms >> 0.8.3.1 Security Vulnerabilities

Products

Pricing

Contact Us