CVE-2024-11489 | 115cms up to 20240807 file.html ks cross site scripting

A vulnerability was found in 115cms up to 20240807. It has been classified as problematic. Affected is an unknown function of the file /index.php/admin/web/file.html. The manipulation of the argument ks leads to cross site scripting.

This vulnerability is traded as CVE-2024-11489. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-11489 | 115cms up to 20240807 file.html ks cross site scripting

Post correlati

CVE-2024-26268 | Liferay Portal/DXP information exposure

CVE-2024-0481 | Taokeyun up to 1.0.5 HTTP POST Request Goods.php shopGoods keyword sql injection

CVE-2024-8041 | GitLab Community Edition/Enterprise Edition up to 17.1.5/17.2.3/17.3.0 Import resource consumption

CVE-2024-45323 | Fortinet FortiEDR Manager up to 6.0.1/6.2.1 REST API access control (FG-IR-24-371)