| CVE-2023-42346 |
high |
7.5 |
7.5 |
|
|
|
21d ago |
Alkacon OpenCms is vulnerable to XXE when the <!DOCTYPE> refers to an external host |
| CVE-2023-42344 |
high |
7.3 |
7.3 |
|
|
|
21d ago |
Alkacon OpenCms allows remote unauthenticated attackers to obtain sensitive information |
| CVE-2023-42345 |
medium |
6.1 |
6.1 |
|
|
|
21d ago |
Alkacon OpenCms is vulnerable to XSS via updateModelGroups.jsp |
| CVE-2023-42343 |
medium |
6.1 |
6.1 |
|
|
|
21d ago |
Alkacon OpenCms is vulnerable to XSS via cmis-online/type |
| CVE-2015-2351 |
medium |
— |
4.3 |
|
|
|
11y ago |
Alkacon OpenCMS XSS via homelink, workplaceresource, mode and query parameters |
| CVE-2013-4600 |
medium |
— |
4.3 |
|
|
|
13y ago |
Alkacon OpenCMS XSS via title and requestedResource parameters |
| CVE-2024-42699 |
unknown |
— |
— |
|
|
|
1y ago |
OpenCMS Cross-Site Scripting vulnerability |
| CVE-2024-41446 |
unknown |
— |
— |
|
|
|
1y ago |
OpenCMS cross-site scripting (XSS) vulnerability |
| CVE-2024-41447 |
unknown |
— |
— |
|
|
|
1y ago |
Alkacon OpenCMS stored cross-site scripting (XSS) vulnerability |
| CVE-2024-5520 |
unknown |
— |
— |
|
|
|
2y ago |
OpenCMS Cross-Site Scripting vulnerability |
| CVE-2023-6379 |
unknown |
— |
— |
|
|
|
3y ago |
Alkacon OpenCMS XSS via Mercury template |
| CVE-2023-37602 |
unknown |
— |
— |
|
|
|
3y ago |
Alkacon OpenCMS arbitrary file upload vulnerability |
| CVE-2023-31544 |
unknown |
— |
— |
|
|
|
3y ago |
alkacon-OpenCMS vulnerable to stored Cross-site Scripting |
| CVE-2019-11818 |
unknown |
— |
— |
|
|
|
4y ago |
Alkacon OpenCMS XSS via New User module |
| CVE-2019-11819 |
unknown |
— |
— |
|
|
|
4y ago |
Alkacon OpenCMS CSV Injection via New User module |
| CVE-2008-1753 |
unknown |
— |
— |
|
|
|
4y ago |
Alkacon OpenCMS XSS via searchfilter parameter in system/workplace/admin/workplace/sessions.jsp |
| CVE-2008-1510 |
unknown |
— |
— |
|
|
|
4y ago |
Alkacon OpenCMS XSS via searchfilter or listSearchFilter parameter |
| CVE-2008-1301 |
unknown |
— |
— |
|
|
|
4y ago |
Alkacon OpenCMS Absolute Path Traversal via pathname in filePath.0 parameter |
| CVE-2008-1300 |
unknown |
— |
— |
|
|
|
4y ago |
Alkacon Open CMS XSS via Logfile Viewer Settings function |
| CVE-2008-1045 |
unknown |
— |
— |
|
|
|
4y ago |
Alkacon OpenCMS XSS via file tree navigation in system/workplace/views/explorer/tree_files.jsp |
| CVE-2006-3935 |
unknown |
— |
— |
|
|
|
4y ago |
Alkacon OpenCMS Improper Access Control via system/workplace/views/admin/admin-main.jsp |
| CVE-2006-3936 |
unknown |
— |
— |
|
|
|
4y ago |
Alkacon OpenCms Exposes JSP Source Code |
| CVE-2006-3934 |
unknown |
— |
— |
|
|
|
4y ago |
Alkacon OpenCMS Absolute Path Traversal via pathname in filePath parameter |
| CVE-2006-3933 |
unknown |
— |
— |
|
|
|
4y ago |
Alkacon OpenCms XSS via unsanitized message body |
| CVE-2006-2571 |
unknown |
— |
— |
|
|
|
4y ago |
Alkacon OpenCms XSS via query parameter in a search action |
| CVE-2005-4294 |
unknown |
— |
— |
|
|
|
4y ago |
Alkacon OpenCms XSS via username during login |
| CVE-2021-3312 |
unknown |
— |
— |
|
|
|
5y ago |
XML External Entity Reference in org.opencms:opencms-core |
| CVE-2019-13236 |
unknown |
— |
— |
|
|
|
7y ago |
XSS issues in the management interface |
| CVE-2019-13235 |
unknown |
— |
— |
|
|
|
7y ago |
XSS in login form |
| CVE-2019-13237 |
unknown |
— |
— |
|
|
|
7y ago |
Local file inclusion allows unauthorized access to internal resources in Alkacon OpenCms |
| CVE-2019-13234 |
unknown |
— |
— |
|
|
|
7y ago |
XSS in search engine |