CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Html-Js: >> Doracms >> 2.1.3 Security Vulnerabilities

CVE-2024-28715

Cross Site Scripting vulnerability in DOraCMS v.2.18 and before allows a remote attacker to execute arbitrary code via the markdown0 function in the /app/public/apidoc/oas3/wrap-components/markdown.jsx endpoint.

CVSS Score

8.8

EPSS Score

0.115

Published

2024-03-19

CVE-2022-35147

DoraCMS v2.18 and earlier allows attackers to bypass login authentication via a crafted HTTP request.

CVSS Score

9.8

EPSS Score

0.002

Published

2022-08-17

Page 1

Vulnerabilities

Vulnerable Software

Html-Js: >> Doracms >> 2.1.3 Security Vulnerabilities

Products

Pricing

Contact Us