CVE-2025-65656
- EPSS 0.09%
- Veröffentlicht 02.12.2025 00:00:00
- Zuletzt bearbeitet 03.12.2025 18:19:43
dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php.
CVE-2025-0709
- EPSS 0.1%
- Veröffentlicht 24.01.2025 21:15:11
- Zuletzt bearbeitet 07.05.2025 20:03:05
A vulnerability was found in Dcat-Admin 2.2.1-beta. It has been rated as problematic. This issue affects some unknown processing of the file /admin/auth/roles of the component Roles Page. The manipulation leads to cross site scripting. The attack may...
CVE-2024-54774
- EPSS 0.05%
- Veröffentlicht 27.12.2024 22:15:12
- Zuletzt bearbeitet 21.04.2025 17:00:56
Dcat Admin v2.2.0-beta contains a cross-site scripting (XSS) vulnerability in /admin/articles/create.
CVE-2024-54775
- EPSS 0.19%
- Veröffentlicht 27.12.2024 22:15:12
- Zuletzt bearbeitet 22.04.2025 15:46:43
Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting (XSS) vulnerability via /admin/auth/menu and /admin/auth/extensions.
CVE-2024-29644
- EPSS 0.7%
- Veröffentlicht 26.03.2024 12:15:50
- Zuletzt bearbeitet 30.04.2025 16:48:15
Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before allows a remote attacker to execute arbitrary code via a crafted script to the user login box.
CVE-2023-33736
- EPSS 0.21%
- Veröffentlicht 31.05.2023 13:15:10
- Zuletzt bearbeitet 10.01.2025 15:15:13
A stored cross-site scripting (XSS) vulnerability in Dcat-Admin v2.1.3-beta allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL parameter.