Known Vulnerabilities for products from Tribalsystems

Listed below are 19 of the newest known vulnerabilities associated with the vendor "Tribalsystems".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2023-44771 json A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a... 5.4 - MEDIUM 2023-10-06 2023-10-06
CVE-2023-44770 json A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a craf... 5.4 - MEDIUM 2023-10-06 2023-10-06
CVE-2023-44769 json A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a... 5.4 - MEDIUM 2023-10-25 2023-11-01
CVE-2023-39578 json A stored cross-site scripting (XSS) vulnerability in the Create function of Zenario CMS v9.4 allows attackers to execute arbi... 4.8 - MEDIUM 2023-08-28 2023-08-29
CVE-2022-44136 json Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution (RCE). 9.8 - CRITICAL 2022-11-30 2022-12-02
CVE-2022-44073 json Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting (XSS) via svg,Users & Contacts. 5.4 - MEDIUM 2022-11-16 2022-11-16
CVE-2022-44071 json Zenario CMS 9.3.57186 is is vulnerable to Cross Site Scripting (XSS) via profile. 5.4 - MEDIUM 2022-11-16 2022-11-16
CVE-2022-44070 json Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting (XSS) via News articles. 5.4 - MEDIUM 2022-11-16 2022-11-16
CVE-2022-44069 json Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting (XSS) via the Nest library module. 5.4 - MEDIUM 2022-11-16 2022-11-16
CVE-2022-23043 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 7.2 - HIGH 2022-02-24 2022-03-03
CVE-2022-4231 json A vulnerability, which was classified as problematic, has been found in Tribal Systems Zenario CMS 9.3.57595. This issue affe... 5.4 - MEDIUM 2022-11-30 2022-12-06
CVE-2021-42171 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 7.2 - HIGH 2022-03-14 2022-05-24
CVE-2021-41952 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 4.8 - MEDIUM 2022-03-14 2022-03-21
CVE-2021-27673 json Cross Site Scripting (XSS) in the "admin_boxes.ajax.php" component of Tribal Systems Zenario CMS v8.8.52729 allows remote att... 4.8 - MEDIUM 2021-04-15 2022-05-23
CVE-2021-27672 json SQL Injection in the "admin_boxes.ajax.php" component of Tribal Systems Zenario CMS v8.8.52729 allows remote attackers to obt... 4.9 - MEDIUM 2021-04-15 2021-04-21
CVE-2021-26830 json SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. Thi... 9.1 - CRITICAL 2021-04-16 2021-04-19
CVE-2020-36608 json A vulnerability, which was classified as problematic, has been found in Tribal Systems Zenario CMS. Affected by this issue is... 6.1 - MEDIUM 2022-11-02 2023-11-07
CVE-2018-18420 json Cross-Site Request Forgery (CSRF) vulnerability was discovered in the 8.3 version of Zenario Content Management System via th... 8.8 - HIGH 2018-10-19 2018-12-04
CVE-2018-5960 json Zenario v7.1 - v7.6 has SQL injection via the `Name` input field of organizer.php or admin_boxes.ajax.php in the `Categories ... 8.8 - HIGH 2018-01-22 2020-02-03

Known software with vulnerabilities from Tribalsystems

Type Vendor Product Version
ApplicationTribalsystemsZenario7.0.2e