U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2019-25070

Change History

CVE Modified by VulDB 12/30/2022 8:15:09 AM

Action Type Old Value New Value
Changed Description
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in WolfCMS up to 0.8.3.1. It has been rated as problematic. This issue affects some unknown processing of the file /wolfcms/?/admin/user/add of the component User Add. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in WolfCMS up to 0.8.3.1. It has been rated as problematic. This issue affects some unknown processing of the file /wolfcms/?/admin/user/add of the component User Add. The manipulation of the argument name leads to basic cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-135125 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Removed CVSS V3.1
VulDB AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

								
						
Added CVSS V3

								
							
							
						
VulDB AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Added CVSS V2

								
							
							
						
VulDB (AV:N/AC:M/Au:S/C:N/I:P/A:N)
Added Reference

								
							
							
						
https://vuldb.com/?ctiid.135125 [No Types Assigned]
Removed CVSS V3.1 Reason
C-No limiting factors

								
						
Removed CVSS V3.1 Reason
PR-No privileges needed

								
						
Removed CVSS V3.1 Reason
S-Security boundary