Every CVE whose affected-product data names Wolfcms Wolf Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2015-6567 — CVSS 8.8 (high): Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the…
CVE-2015-6568 — CVSS 8.8 (high): Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the…
CVE-2012-1897 — CVSS 6.8 (medium): Multiple cross-site request forgery (CSRF) vulnerabilities in Wolf CMS 0.75 and earlier allow remote attackers to hijack the authentication…
CVE-2018-8814 — CVSS 6.5 (medium): Cross-site request forgery (CSRF) vulnerability in WolfCMS 0.8.3.1 allows remote attackers to hijack the authentication of users for…
CVE-2019-10646 — CVSS 6.1 (medium): Wolf CMS v0.8.3.1 is affected by cross site scripting (XSS) in the module Add Snippet (/?/admin/snippet/add). This allows an attacker to…
CVE-2018-1000084 — CVSS 5.4 (medium): WOlfCMS WolfCMS version version 0.8.3.1 contains a Stored Cross-Site Scripting vulnerability in Layout Name (from Layout tab) that can…
CVE-2017-11611 — CVSS 5.4 (medium): Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. The vulnerability exists due to insufficient sanitization of the file name in a…
CVE-2018-8813 — CVSS 4.8 (medium): Open redirect vulnerability in the login[redirect] parameter login functionality in WolfCMS 0.8.3.1 allows remote attackers to redirect…
CVE-2012-1932 — CVSS 4.8 (medium): A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers to inject arbitrary web script or HTML via…
CVE-2018-1000087 — CVSS 4.8 (medium): WolfCMS version version 0.8.3.1 contains a Reflected Cross Site Scripting vulnerability in "Create New File" and "Create New Directory"…
CVE-2018-6890 — CVSS 4.8 (medium): Cross-site scripting (XSS) vulnerability in Wolf CMS 0.8.3.1 via the page editing feature, as demonstrated by /?/admin/page/edit/3.
CVE-2019-25070 — CVSS 3.5 (low): ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in WolfCMS up to 0.8.3.1. It has been rated as problematic. This issue affects…