Security for everyone

CVE-2018-12095 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in OEcms affects v. 3.1.

SCAN NOW

Short Info


Level

Medium

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Url

Source

-

OEcms v3.1 is a widely-used Content Management System (CMS) used for designing and managing websites. The product is especially popular among businesses and individuals that require a simple and efficient tool to create and manage their web pages. OEcms v3.1 comes with several features that make web designing easy and efficient, including a user-friendly interface, a variety of customizable templates, and a range of add-ons and plugins that can be used to enhance the functionality of the website.

However, despite its popularity, OEcms v3.1 has been found to have a significant vulnerability, that is, the CVE-2018-12095 vulnerability. This vulnerability can be traced to the mod parameter of info.php, and it makes the website vulnerable to Reflected Cross-Site Scripting (XSS) attacks. Hackers can exploit this vulnerability to inject malicious code into the website, which can lead to the theft of sensitive data, hijacking of user sessions, and in some cases, complete control of the website.

When attackers exploit the CVE-2018-12095 vulnerability, they can place malicious code into the website, which can be triggered when unsuspecting users visit the site. This can result in the installation of malware on the victim's device, which can spread to other devices in the network. The attacker can also use the vulnerability to steal sensitive data, such as login credentials and financial information, which can be used for identity theft and other fraudulent activities.

Thanks to the pro features of the SecurityForEveryone.com platform, users can quickly and easily learn about vulnerabilities in their digital assets, including the CVE-2018-12095 vulnerability in OEcms v3.1. By subscribing to our premium service, users can receive timely alerts and notifications about new vulnerabilities, as well as access to specialized tools and resources that can help them strengthen the security of their web assets.

 

REFERENCES

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture