Eleanor-cms Eleanor Cms — known CVE vulnerabilities
Every CVE whose affected-product data names Eleanor-cms Eleanor Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2014-9180 — CVSS 5.0 (medium): Open redirect vulnerability in go.php in Eleanor CMS allows remote attackers to redirect users to arbitrary web sites and conduct phishing…
CVE-2018-18717 — CVSS 4.8 (medium): An issue was discovered in Eleanor CMS through 2015-03-19. XSS exists via the ajax.php?direct=admin&file=autocomplete&query=[XSS] URI.