31 Total advisories
31 Vulnerabilities
0 Malware
Vulnerabilities
MEDIUM 6.1
CVE-2023-42343
Alkacon OpenCms is vulnerable to XSS via cmis-online/type
HIGH 7.5
CVE-2023-42346
Alkacon OpenCms is vulnerable to XXE when the <!DOCTYPE> refers to an external host
HIGH 7.3
CVE-2023-42344
Alkacon OpenCms allows remote unauthenticated attackers to obtain sensitive information
MEDIUM 6.1
CVE-2023-42345
Alkacon OpenCms is vulnerable to XSS via updateModelGroups.jsp
MEDIUM 5.4
CVE-2023-6379
Alkacon OpenCMS XSS via Mercury template
UNKNOWN
CVE-2019-11818
Alkacon OpenCMS XSS via New User module
UNKNOWN
CVE-2015-2351
Alkacon OpenCMS XSS via homelink, workplaceresource, mode and query parameters
UNKNOWN
CVE-2013-4600
Alkacon OpenCMS XSS via title and requestedResource parameters
UNKNOWN
CVE-2008-1753
Alkacon OpenCMS XSS via searchfilter parameter in system/workplace/admin/workplace/sessions.jsp
UNKNOWN
CVE-2008-1510
Alkacon OpenCMS XSS via searchfilter or listSearchFilter parameter
UNKNOWN
CVE-2008-1301
Alkacon OpenCMS Absolute Path Traversal via pathname in filePath.0 parameter
UNKNOWN
CVE-2008-1300
Alkacon Open CMS XSS via Logfile Viewer Settings function
UNKNOWN
CVE-2008-1045
Alkacon OpenCMS XSS via file tree navigation in system/workplace/views/explorer/tree_files.jsp
UNKNOWN
CVE-2006-3935
Alkacon OpenCMS Improper Access Control via system/workplace/views/admin/admin-main.jsp
UNKNOWN
CVE-2006-3934
Alkacon OpenCMS Absolute Path Traversal via pathname in filePath parameter
UNKNOWN
CVE-2006-3933
Alkacon OpenCms XSS via unsanitized message body
UNKNOWN
CVE-2006-2571
Alkacon OpenCms XSS via query parameter in a search action
UNKNOWN
CVE-2005-4294
Alkacon OpenCms XSS via username during login
HIGH 7.8
CVE-2019-11819
Alkacon OpenCMS CSV Injection via New User module
MEDIUM 5.4
CVE-2024-41447
Alkacon OpenCMS stored cross-site scripting (XSS) vulnerability
MEDIUM 5.4
CVE-2024-41446
OpenCMS cross-site scripting (XSS) vulnerability
UNKNOWN
CVE-2024-42699
OpenCMS Cross-Site Scripting vulnerability
MEDIUM 6.4
CVE-2024-5520
OpenCMS Cross-Site Scripting vulnerability
MEDIUM 6.1
CVE-2023-37602
Alkacon OpenCMS arbitrary file upload vulnerability
MEDIUM 5.4
CVE-2023-31544
alkacon-OpenCMS vulnerable to stored Cross-site Scripting
UNKNOWN
CVE-2006-3936
Alkacon OpenCms Exposes JSP Source Code
MEDIUM 6.5
CVE-2021-3312
XML External Entity Reference in org.opencms:opencms-core
MEDIUM 4.3
CVE-2019-13237
Local file inclusion allows unauthorized access to internal resources in Alkacon OpenCms
MEDIUM 6.1
CVE-2019-13236
XSS issues in the management interface
MEDIUM 6.1
CVE-2019-13235
XSS in login form
MEDIUM 6.1
CVE-2019-13234
XSS in search engine
Ready to move
Start Securing
Free, no credit card | First findings in minutes