Known Vulnerabilities for Genixcms by Metalgenix
Listed below are 10 of the newest known vulnerabilities associated with "Genixcms" by "Metalgenix".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-24563 json | In Genixcms v1.1.11, a stored Cross-Site Scripting (XSS) vulnerability exists in /gxadmin/index.php?page=themes&view=options"... | 5.4 - MEDIUM | 2022-03-03 | 2022-03-09 |
| CVE-2020-10057 json | GeniXCMS 1.1.7 is vulnerable to user privilege escalation due to broken access control. This issue exists because of an incom... | 8.8 - HIGH | 2020-03-04 | 2020-03-05 |
| CVE-2018-14476 json | GeniXCMS 1.1.5 has XSS via the dbuser or dbhost parameter during step 1 of installation. | 6.1 - MEDIUM | 2019-12-31 | 2020-03-17 |
| CVE-2017-6065 json | SQL injection vulnerability in inc/lib/Control/Backend/menus.control.php in GeniXCMS through 1.0.2 allows remote authenticate... | 8.8 - HIGH | 2017-02-17 | 2017-02-23 |
| CVE-2017-5959 json | CSRF token bypass in GeniXCMS before 1.0.2 could result in escalation of privileges. The forgotpassword.php page can be used ... | 9.8 - CRITICAL | 2017-02-21 | 2019-10-03 |
| CVE-2017-5575 json | SQL injection vulnerability in inc/lib/Options.class.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrar... | 9.8 - CRITICAL | 2017-01-23 | 2017-01-26 |
| CVE-2017-5574 json | SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows unauthenticated users to execute arbitrary SQL co... | 9.8 - CRITICAL | 2017-01-23 | 2017-01-26 |
| CVE-2017-5520 json | The media rename feature in GeniXCMS through 0.0.8 does not consider alternative PHP file extensions when checking uploaded f... | 8.8 - HIGH | 2017-01-17 | 2019-10-03 |
| CVE-2017-5519 json | SQL injection vulnerability in Posts.class.php in GeniXCMS through 0.0.8 allows remote attackers to execute arbitrary SQL com... | 9.8 - CRITICAL | 2017-01-17 | 2017-01-27 |
| CVE-2017-5518 json | The media-file upload feature in GeniXCMS through 0.0.8 allows remote attackers to conduct SSRF attacks via a URL, as demonst... | 7.4 - HIGH | 2017-01-17 | 2017-01-27 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Metalgenix | Genixcms | 1.14 | |||
| Application | Metalgenix | Genixcms | 1.1.7 | |||
| Application | Metalgenix | Genixcms | 1.1.6 | |||
| Application | Metalgenix | Genixcms | 1.1.5 | |||
| Application | Metalgenix | Genixcms | 1.1.4 | |||
| Application | Metalgenix | Genixcms | 1.1.3 | |||
| Application | Metalgenix | Genixcms | 1.1.2 | |||
| Application | Metalgenix | Genixcms | 1.1.1 | |||
| Application | Metalgenix | Genixcms | 1.1.0 | |||
| Application | Metalgenix | Genixcms | 1.0.2 | |||
| Application | Metalgenix | Genixcms | 1.0.1 | |||
| Application | Metalgenix | Genixcms | 1.0.0 | |||
| Application | Metalgenix | Genixcms | 0.0.8 | |||
| Application | Metalgenix | Genixcms | 0.0.7 | |||
| Application | Metalgenix | Genixcms | 0.0.7 | |||
| Application | Metalgenix | Genixcms | 0.0.7 | |||
| Application | Metalgenix | Genixcms | 0.0.7 | |||
| Application | Metalgenix | Genixcms | 0.0.6 | |||
| Application | Metalgenix | Genixcms | 0.0.5 | |||
| Application | Metalgenix | Genixcms | 0.0.4 |