VYPR
Unrated severityNVD Advisory· Published Feb 9, 2015· Updated Jun 17, 2026

CVE-2015-1562

CVE-2015-1562

Description

Multiple cross-site scripting (XSS) vulnerabilities in Saurus CMS 4.7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter to admin/user_management.php, (2) data_search parameter to /admin/profile_data.php, or (3) filter parameter to error_log.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Saurus/CMS2 versions
    cpe:2.3:a:saurus:saurus_cms:4.7.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:saurus:saurus_cms:4.7.0:*:*:*:*:*:*:*
    • (no CPE)range: = 4.7.0

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.