Known Vulnerabilities for Blackcat Cms by Blackcat-cms
Listed below are 10 of the newest known vulnerabilities associated with "Blackcat Cms" by "Blackcat-cms".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-44043 json | A reflected cross-site scripting (XSS) vulnerability in /install/index.php of Black Cat CMS 1.4.1 allows attackers to execute... | 6.1 - MEDIUM | 2023-09-27 | 2023-10-06 |
| CVE-2023-44042 json | A stored cross-site scripting (XSS) vulnerability in /settings/index.php of Black Cat CMS 1.4.1 allows attackers to execute a... | 5.4 - MEDIUM | 2023-09-27 | 2023-09-28 |
| CVE-2021-27237 json | The admin panel in BlackCat CMS 1.3.6 allows stored XSS (by an admin) via the Display Name field to backend/preferences/ajax_... | 4.8 - MEDIUM | 2021-02-16 | 2021-02-17 |
| CVE-2020-25878 json | A stored cross site scripting (XSS) vulnerability in the 'Admin-Tools' feature of BlackCat CMS 1.3.6 allows authenticated att... | 4.8 - MEDIUM | 2021-07-09 | 2021-07-15 |
| CVE-2020-25877 json | A stored cross site scripting (XSS) vulnerability in the 'Add Page' feature of BlackCat CMS 1.3.6 allows authenticated attack... | 5.4 - MEDIUM | 2021-07-09 | 2021-07-14 |
| CVE-2020-25453 json | An issue was discovered in BlackCat CMS before 1.4. There is a CSRF vulnerability (bypass csrf_token) that allows remote arbi... | 8.8 - HIGH | 2020-09-15 | 2022-01-01 |
| CVE-2018-16635 json | Blackcat CMS 1.3.2 allows XSS via the willkommen.php?lang=DE page title at backend/pages/modify.php. | 5.4 - MEDIUM | 2018-12-10 | 2019-02-26 |
| CVE-2018-10821 json | Cross-site scripting (XSS) vulnerability in backend/pages/modify.php in BlackCatCMS 1.3 allows remote authenticated users wit... | 4.8 - MEDIUM | 2018-06-14 | 2020-06-04 |
| CVE-2017-14399 json | In BlackCat CMS 1.2.2, unrestricted file upload is possible in backend\media\ajax_rename.php via the extension parameter, as ... | 8.8 - HIGH | 2017-09-12 | 2017-09-19 |
| CVE-2017-14050 json | In BlackCat CMS 1.2, backend/addons/install.php allows remote authenticated users to execute arbitrary PHP code via a ZIP arc... | 8.8 - HIGH | 2017-08-31 | 2017-09-01 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Blackcat-cms | Blackcat Cms | 1.3.6 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.3.5 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.3.4 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.3.3 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.3.2 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.3 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.2.2 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.2.1 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.2.1 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.2 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.1.3 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.1.2 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.1.1 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.1 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.0.4 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.0.2 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.0.2 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.0.1 | |||
| Application | Blackcat-cms | Blackcat Cms | 1.0 |