Cedric1314

2 exploits Active since Jan 2023

CVE-2022-44870 NOMISEC MEDIUM WRITEUP

Maccms - XSS

A reflected cross-site scripting (XSS) vulnerability in maccms10 v2022.1000.3032 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the AD Management module.

2 stars

CVSS 6.1

View Code

CVE-2022-47872 NOMISEC HIGH WRITEUP

Maccms - SSRF

A Server-Side Request Forgery (SSRF) in maccms10 v2021.1000.2000 allows attackers to force the application to make arbitrary requests via a crafted payload injected into the Name parameter under the Interface address module.

CVSS 8.8

View Code