Naviwebs: >> Navigate Cms >> 1.8.4 Security Vulnerabilities
An issue was discovered in Navigate CMS through 2.8.7. It allows Directory Traversal because lib/packages/templates/template.class.php mishandles ../ and ..\ substrings.
CVSS Score
5.3
EPSS Score
0.003
Published
2020-06-03
An issue was discovered in Navigate CMS through 2.8.7. It allows XSS because of a lack of purify calls in lib/packages/structure/structure.class.php.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-06-03
An issue was discovered in Navigate CMS through 2.8.7. It allows XSS because of a lack of purify calls in lib/packages/websites/website.class.php.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-06-03
An issue was discovered in Navigate CMS through 2.8.7. It allows XSS because of a lack of purify calls in lib/packages/feeds/feed.class.php.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-06-03