Mara Cms Project: >> Mara Cms >> 7.5 Security Vulnerabilities
A remote code execution (RCE) vulnerability in the component /codebase/dir.php?type=filenew of Mara v7.5 allows attackers to execute arbitrary commands via a crafted PHP file.
CVSS Score
9.8
EPSS Score
0.224
Published
2021-10-28
A cross site scripting (XSS) vulnerability in menuedit.php of Mara CMS 7.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-10-28
Mara CMS 7.5 allows cross-site scripting (XSS) in contact.php via the theme or pagetheme parameters.
CVSS Score
6.1
EPSS Score
0.25
Published
2020-08-30