MoritzHuppert

3 exploits Active since Mar 2022
CVE-2022-25018 NOMISEC HIGH NO CODE
Pluxml - Code Injection
Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages.
1 stars
CVSS 8.8
CVE-2022-25020 NOMISEC MEDIUM NO CODE
Pluxml - XSS
A cross-site scripting (XSS) vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post.
CVSS 5.4
CVE-2022-25022 NOMISEC MEDIUM NO CODE
Htmly - XSS
A cross-site scripting (XSS) vulnerability in Htmly v2.8.1 allows attackers to excute arbitrary web scripts HTML via a crafted payload in the content field of a blog post.
CVSS 5.4