Cross Site Scripting vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php component.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-02-14
SQL Injection vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php component.
CVSS Score
5.1
EPSS Score
0.0
Published
2025-02-14
An issue Hoosk v1.7.1 allows a remote attacker to execute arbitrary code via a crafted script to the config.php component.
CVSS Score
6.5
EPSS Score
0.004
Published
2024-11-08
Hoosk Codeigniter CMS before 1.7.2 is affected by a Cross Site Request Forgery (CSRF). When an attacker induces authenticated admin user to a malicious web page, any accounts can be deleted without admin user's intention.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-08-28