Wolf CMS versions 0.75 and below suffer from a persistent cross-site scripting vulnerability.

Overview :
A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers to inject arbitrary web script or HTML via the setting[admin_email] parameter to admin/setting.
Affected Product(s) :
  • Wolf CMS 0.75 and earlier
Vulnerability Details :
CVE ID : CVE-2012-1932
Wolf CMS 0.75 (and lower) is prone to a persistent XSS vulnerability due to improper input sanitization of the “setting[admin_email]” parameter, which is passed to server-side logic (path: “wolfcms/admin/setting”) via the HTTP POST method.
By exploiting this vulnerability, an authenticated admin could insert arbitrary code in the “Site email” field, which will be executed when another admin clicks on the “Administrator” tab.

Solution :

Upgrading to the latest version fixes the vulnerability.
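For sites that render stored settings in their own templates or plugins, the two controls that address this class of bug are shown below as an added example. It is not Wolf CMS code or the vendor's patch; the function names and the sample values are assumptions made for illustration.

```php
<?php
// Added illustration: hypothetical helpers, not taken from Wolf CMS.

// Write side: accept the "Site email" value only if it parses as an address.
// This is defence in depth; it does not replace encoding on output.
function validate_admin_email(array $post): ?string
{
    $raw = $post['setting']['admin_email'] ?? '';
    if (!is_string($raw)) {
        return null; // arrays or other types are rejected outright
    }
    $email = filter_var(trim($raw), FILTER_VALIDATE_EMAIL);
    return $email === false ? null : $email;
}

// Read side: encode the stored value for the HTML attribute it is placed in,
// every time it is rendered, regardless of how it reached the database.
function render_email_field(string $stored): string
{
    $safe = htmlspecialchars($stored, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="setting[admin_email]" value="' . $safe . '">';
}

// Constructed sample inputs: one ordinary address, one value carrying markup.
$samples = [
    'admin@example.com',
    'admin@example.com"><i>marker</i>',
];

foreach ($samples as $value) {
    $post = ['setting' => ['admin_email' => $value]];
    $accepted = validate_admin_email($post);

    // Render the raw sample as if it were already stored, to show that the
    // encoded output stays inside the value attribute even for bad data.
    echo ($accepted === null ? 'rejected' : 'accepted'), ' => ',
        render_email_field($value), PHP_EOL;
}
```

Values saved before the upgrade remain in the database, so the stored “Site email” setting is worth reviewing after patching.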

 

 
