Cotonti: >> Cotonti Siena Security Vulnerabilities
A vulnerability has been found in Cotonti Siena v0.9.25. Affected by this vulnerability is the file /admin.php?m=config&n=edit&o=core&p=title. The manipulation of the value of title leads to cross-site scripting.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-06-02
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a forum post.
CVSS Score
4.8
EPSS Score
0.001
Published
2022-09-05
Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message (DM).
CVSS Score
4.8
EPSS Score
0.001
Published
2022-09-05
SQL injection vulnerability in modules/rss/rss.php in Cotonti before 0.9.14 allows remote attackers to execute arbitrary SQL commands via the "c" parameter to index.php.
CVSS Score
7.5
EPSS Score
0.019
Published
2013-08-09