5.1

CVSS4.0

CVE-2025-41045 - Stored Cross-Site Scripting vulnerability in appRain CMF

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[sconfig][ethical_licensekey]' parameter in /apprain/admin/config/ethical.

📅 Published: Sept. 4, 2025, 11:11 a.m. 🔄 Last Modified: Sept. 4, 2025, 6:43 p.m.

5.1

CVSS4.0

CVE-2025-41044 - Stored Cross-Site Scripting vulnerability in appRain CMF

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Page][name]' parameter in /apprain/page/manage-static-pages/create.

📅 Published: Sept. 4, 2025, 11:11 a.m. 🔄 Last Modified: Sept. 4, 2025, 6:43 p.m.

5.1

CVSS4.0

CVE-2025-41043 - Stored Cross-Site Scripting vulnerability in appRain CMF

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[AppReportCode][id]' and 'data[AppReportCode][name]' parameters in /apprain/appreport/manage/.

📅 Published: Sept. 4, 2025, 11:11 a.m. 🔄 Last Modified: Sept. 4, 2025, 6:43 p.m.

5.1

CVSS4.0

CVE-2025-41042 - Stored Cross-Site Scripting vulnerability in appRain CMF

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Option][message]', 'data[Option][subject]' and 'data[Option][templatetype]' parameters in /apprain/information/manage/emailt…

📅 Published: Sept. 4, 2025, 11:10 a.m. 🔄 Last Modified: Sept. 4, 2025, 6:43 p.m.

5.1

CVSS4.0

CVE-2025-41041 - Stored Cross-Site Scripting vulnerability in appRain CMF

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[code]', 'data[lang][0][key]', 'data[lang][0][value]', 'data[lang][1][key]' and 'data[title]' parameters in /apprain/develope…

📅 Published: Sept. 4, 2025, 11:10 a.m. 🔄 Last Modified: Sept. 4, 2025, 6:44 p.m.

5.1

CVSS4.0

CVE-2025-41040 - Stored Cross-Site Scripting vulnerability in appRain CMF

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[code]', 'data[lang][0][key]', 'data[lang][0][value]', 'data[lang][1][key]' and 'data[title]' parameters in /apprain/develope…

📅 Published: Sept. 4, 2025, 11:10 a.m. 🔄 Last Modified: Sept. 4, 2025, 6:44 p.m.

5.1

CVSS4.0

CVE-2025-41039 - Stored Cross-Site Scripting vulnerability in appRain CMF

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[sconfig][admin_landing_page]', 'data[sconfig][currency]', 'data[sconfig][db_version]', 'data[sconfig][default_pagination]', …

📅 Published: Sept. 4, 2025, 11:09 a.m. 🔄 Last Modified: Sept. 4, 2025, 6:44 p.m.

5.1

CVSS4.0

CVE-2025-41038 - Stored Cross-Site Scripting vulnerability in appRain CMF

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Group][name]' parameter in /apprain/admin/managegroup/add/.

📅 Published: Sept. 4, 2025, 11:09 a.m. 🔄 Last Modified: Sept. 4, 2025, 6:44 p.m.

5.1

CVSS4.0

CVE-2025-41037 - Stored Cross-Site Scripting vulnerability in appRain CMF

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[FileManager][search]' parameter in /apprain/admin/filemanager.

📅 Published: Sept. 4, 2025, 11:09 a.m. 🔄 Last Modified: Sept. 4, 2025, 6:44 p.m.

5.1

CVSS4.0

CVE-2025-41036 - Stored Cross-Site Scripting vulnerability in appRain CMF

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the  'data[Admin][description]', 'data[Admin][f_name]' and 'data[Admin][l_name]' parameters in /apprain/admin/account/edit.

📅 Published: Sept. 4, 2025, 11:09 a.m. 🔄 Last Modified: Sept. 4, 2025, 6:44 p.m.
Total resulsts: 309476
Page 132 of 30,948
« previous page » next page
Filters