Cross Site Scripting vulnerability in hooskcms v.1.8 allows a remote attacker to cause a denial of service via the custom Link title parameter and the Title parameter.
CVSS Score
4.8
EPSS Score
0.0
Published
2025-02-14
Cross Site Scripting vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php component.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-02-14
SQL Injection vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php component.
CVSS Score
5.1
EPSS Score
0.0
Published
2025-02-14
An issue Hoosk v1.7.1 allows a remote attacker to execute arbitrary code via a crafted script to the config.php component.
CVSS Score
6.5
EPSS Score
0.004
Published
2024-11-08
An arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows attackers to execute arbitrary code via a crafted PHP file.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-11-16
XSS in edit page of Hoosk 1.8.0 allows attacker to execute javascript code in user browser via edit page with XSS payload bypass filter some special chars.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-04-25
A vulnerability exists in Hoosk 1.8.0 in /install/index.php, due to a failure to check if config.php already exists in the root directory, which could let a malicious user reinstall the website.
CVSS Score
5.4
EPSS Score
0.003
Published
2022-03-31
An issue was discovered in Hoosk CmS v1.8.0. There is an Remote Code Execution vulnerability in install/index.php
CVSS Score
9.8
EPSS Score
0.026
Published
2020-09-30
An issue was discovered in Hoosk CMS v1.8.0. There is a SQL injection vulnerability in install/index.php
CVSS Score
9.8
EPSS Score
0.003
Published
2020-09-30
An issue was discovered in Hoosk CMS v1.8.0. There is a XSS vulnerability in install/index.php
CVSS Score
6.1
EPSS Score
0.002
Published
2020-09-30
Page 1