Headline

GHSA-7vx2-5349-qj99: ConcreteCMS vulnerable to Xpath injection attacks

ConcreteCMS v9.1.3 was discovered to be vulnerable to Xpath injection attacks. This vulnerability allows attackers to access sensitive XML data via a crafted payload injected into the URL path folder "3".

1 year ago

ghsa

Open in Source

#vulnerability #git #xpath

ConcreteCMS vulnerable to Xpath injection attacks

Moderate severity GitHub Reviewed Published Dec 6, 2022 • Updated Dec 6, 2022

1 year ago

CVE

Open in Source

#vulnerability #web #windows #apple #google #apache #js #php #xpath #chrome #webkit #ssl

ghsa: Latest News

GHSA-8fh4-942r-jf2g: LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/services.inc.php

2 days ago

ghsa

GHSA-7q7g-4xm8-89cq: Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit

2 days ago

ghsa

GHSA-phm4-wf3h-pc3r: Unpatched Remote Code Execution in Gogs

2 days ago

ghsa

GHSA-x645-6pf9-xwxw: LibreNMS has an Authenticated OS Command Injection

2 days ago

ghsa

GHSA-gv4m-f6fx-859x: LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-customoid.php

2 days ago

ghsa

Headline

GHSA-7vx2-5349-qj99: ConcreteCMS vulnerable to Xpath injection attacks

Related news

ghsa: Latest News