Tags

, , , , , , , , , , , , , , ,

Computer Technology Hut

enigma_sifre_cozucu_nettekeyif.net

724CMS 5.01 Multiple XSS (Cross-site Scripting) Security Vulnerabilities

Exploit Title: 724CMS Multiple XSS (Cross-site Scripting) Security Vulnerabilities

Vendor: 724CMS

Product: 724CMS

Vulnerable Versions: 3.01 4.01 4.59 5.01

Tested Version: 5.01

Advisory Publication: March 15, 2015

Latest Update: March 15, 2015

Vulnerability Type: Cross-Site Scripting [CWE-79]

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

Credit: Wang Jing [Mathematics, Nanyang Technological University (NTU), Singapore]

Recommendation Details:

(1) Vendor & Product Description:

Vendor:

724CMS Enterprise

Product & Vulnerable Versions:

724CMS

3.01

4.01

4.59

5.01

Vendor URL & download:

724CMS can be purchased from here,

http://724cms.com/

Product Introduction Overview:

“724CMS is a content management system (CMS) that has customers spread in Canada, Japan, Korean, the United States, European and many others. It allows publishing, editing and modifying content, organizing, deleting as well as maintenance from a central interface. Meanwhile, 724CMS…

View original post 241 more words

Advertisements