Cedric1314

2 exploits Active since Jan 2023
CVE-2022-44870 NOMISEC MEDIUM WRITEUP
maccms10 v2022.1000.3032 - Reflected Cross-Site Scripting via AD Management Name Parameter
A reflected cross-site scripting (XSS) vulnerability in maccms10 v2022.1000.3032 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the AD Management module.
2 stars
CVSS 6.1
CVE-2022-47872 NOMISEC HIGH WRITEUP
Maccms10 2021.1000.2000 - Server-Side Request Forgery via Name Parameter
A Server-Side Request Forgery (SSRF) in maccms10 v2021.1000.2000 allows attackers to force the application to make arbitrary requests via a crafted payload injected into the Name parameter under the Interface address module.
CVSS 8.8