| CVE-2023-42346 |
high |
7.5 |
7.5 |
20d ago |
Alkacon OpenCms is vulnerable to XXE when the <!DOCTYPE> refers to an external host |
|
| CVE-2023-42344 |
high |
7.3 |
7.3 |
20d ago |
Alkacon OpenCms allows remote unauthenticated attackers to obtain sensitive information |
|
| CVE-2024-41446 |
unknown |
— |
— |
1y ago |
OpenCMS cross-site scripting (XSS) vulnerability |
|
| CVE-2008-1753 |
unknown |
— |
— |
4y ago |
Alkacon OpenCMS XSS via searchfilter parameter in system/workplace/admin/workplace/sessions.jsp |
|
| CVE-2008-1510 |
unknown |
— |
— |
4y ago |
Alkacon OpenCMS XSS via searchfilter or listSearchFilter parameter |
|
| CVE-2006-3934 |
unknown |
— |
— |
4y ago |
Alkacon OpenCMS Absolute Path Traversal via pathname in filePath parameter |
|
| CVE-2019-13236 |
unknown |
— |
— |
7y ago |
XSS issues in the management interface |
|
| CVE-2019-13235 |
unknown |
— |
— |
7y ago |
XSS in login form |
|
| CVE-2019-13237 |
unknown |
— |
— |
7y ago |
Local file inclusion allows unauthorized access to internal resources in Alkacon OpenCms |
|