Vendor

Creatiwity

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Risk	CVSS	EPSS	Published	Description
CVE-2018-14029	Creatiwity Witycms	0.03	—	0.00	Jul 13, 2018	CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field.
CVE-2018-16776	Creatiwity Witycms	0.00	—	0.00	Sep 10, 2018	wityCMS 0.6.2 has XSS via the "Site Name" field found in the "Contact" "Configuration" page.
CVE-2018-12065	Creatiwity Witycms	0.00	—	0.01	Jun 8, 2018	A Local File Inclusion vulnerability in /system/WCore/WHelper.php in Creatiwity wityCMS 0.6.2 allows remote attackers to include local PHP files (execute PHP code) or read non-PHP files by replacing a helper.json file.

CVE-2018-14029Jul 13, 2018
Creatiwity
Witycms
risk 0.03cvss —epss 0.00
CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field.
CVE-2018-16776Sep 10, 2018
Creatiwity
Witycms
risk 0.00cvss —epss 0.00
wityCMS 0.6.2 has XSS via the "Site Name" field found in the "Contact" "Configuration" page.
CVE-2018-12065Jun 8, 2018
Creatiwity
Witycms
risk 0.00cvss —epss 0.01
A Local File Inclusion vulnerability in /system/WCore/WHelper.php in Creatiwity wityCMS 0.6.2 allows remote attackers to include local PHP files (execute PHP code) or read non-PHP files by replacing a helper.json file.