Vulnerabilities
Vulnerable Software
An issue was discovered in BlackCat CMS before 1.4. There is a CSRF vulnerability (bypass csrf_token) that allows remote arbitrary code execution.
CVSS Score: 8.8
EPSS Score: 0.004
Published: 2020-09-15
Directory traversal vulnerability in widgets/logs.php in BlackCat CMS before 1.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the dl parameter.
CVSS Score: 7.5
EPSS Score: 0.329
Published: 2018-02-28
Cross-site scripting (XSS) vulnerability in cattranslate.php in the CatTranslate JQuery plugin in BlackCat CMS 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
CVSS Score: 4.3
EPSS Score: 0.004
Published: 2014-09-12

