Known Vulnerabilities for Genixcms by Metalgenix
Listed below are 10 of the newest known vulnerabilities associated with "Genixcms" by "Metalgenix".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-24563 | In Genixcms v1.1.11, a stored Cross-Site Scripting (XSS) vulnerability exists in /gxadmin/index.php?page=themes&view=options"... | 5.4 - MEDIUM | 2022-03-03 | 2022-03-09 |
| CVE-2020-10057 | GeniXCMS 1.1.7 is vulnerable to user privilege escalation due to broken access control. This issue exists because of an incom... | 8.8 - HIGH | 2020-03-04 | 2020-03-05 |
| CVE-2018-14476 | GeniXCMS 1.1.5 has XSS via the dbuser or dbhost parameter during step 1 of installation. | 6.1 - MEDIUM | 2019-12-31 | 2020-03-17 |
| CVE-2017-5519 | SQL injection vulnerability in Posts.class.php in GeniXCMS through 0.0.8 allows remote attackers to execute arbitrary SQL com... | 9.8 - CRITICAL | 2017-01-17 | 2017-01-27 |
| CVE-2017-5518 | The media-file upload feature in GeniXCMS through 0.0.8 allows remote attackers to conduct SSRF attacks via a URL, as demonst... | 7.4 - HIGH | 2017-01-17 | 2017-01-27 |
| CVE-2017-5517 | SQL injection vulnerability in author.control.php in GeniXCMS through 0.0.8 allows remote attackers to execute arbitrary SQL ... | 9.8 - CRITICAL | 2017-01-17 | 2017-01-27 |
| CVE-2017-5516 | Multiple cross-site scripting (XSS) vulnerabilities in the user forms in GeniXCMS through 0.0.8 allow remote attackers to inj... | 6.1 - MEDIUM | 2017-01-17 | 2017-01-23 |
| CVE-2017-5515 | Cross-site scripting (XSS) vulnerability in the user prompt function in GeniXCMS through 0.0.8 allows remote authenticated us... | 5.4 - MEDIUM | 2017-01-17 | 2017-01-23 |
| CVE-2017-5347 | SQL injection vulnerability in inc/mod/newsletter/options.php in GeniXCMS 0.0.8 allows remote authenticated administrators to... | 7.2 - HIGH | 2017-01-12 | 2017-01-27 |
| CVE-2017-5345 | SQL injection vulnerability in inc/lib/Control/Ajax/tags-ajax.control.php in GeniXCMS 0.0.8 allows remote authenticated edito... | 8.8 - HIGH | 2017-01-12 | 2017-01-27 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Metalgenix | Genixcms | 1.14 | All | All | All |
| Application | Metalgenix | Genixcms | 1.1.7 | All | All | All |
| Application | Metalgenix | Genixcms | 1.1.6 | All | All | All |
| Application | Metalgenix | Genixcms | 1.1.5 | All | All | All |
| Application | Metalgenix | Genixcms | 1.1.4 | All | All | All |
| Application | Metalgenix | Genixcms | 1.1.3 | All | All | All |
| Application | Metalgenix | Genixcms | 1.1.2 | All | All | All |
| Application | Metalgenix | Genixcms | 1.1.1 | All | All | All |
| Application | Metalgenix | Genixcms | 1.1.0 | All | All | All |
| Application | Metalgenix | Genixcms | 1.0.2 | All | All | All |
| Application | Metalgenix | Genixcms | 1.0.1 | All | All | All |
| Application | Metalgenix | Genixcms | 1.0.0 | All | All | All |
| Application | Metalgenix | Genixcms | 0.0.8 | All | All | All |
| Application | Metalgenix | Genixcms | 0.0.7 | alpha1 | All | All |
| Application | Metalgenix | Genixcms | 0.0.7 | alpha | All | All |
| Application | Metalgenix | Genixcms | 0.0.7 | - | All | All |
| Application | Metalgenix | Genixcms | 0.0.7 | All | All | All |
| Application | Metalgenix | Genixcms | 0.0.6 | All | All | All |
| Application | Metalgenix | Genixcms | 0.0.5 | All | All | All |
| Application | Metalgenix | Genixcms | 0.0.4 | patch | All | All |