← Back

Eleanor Cms

eleanor_cms

Vendor: Eleanor Cms • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-18717
1Eleanor Cms
1Eleanor Cms
Nov 21, 2024
Oct 29, 2018
N/A· v4
4.8 MEDIUM· v3
3.5 LOW· v2
An issue was discovered in Eleanor CMS through 2015-03-19. XSS exists via the ajax.php?direct=admin&file=autocomplete&query=[XSS] URI.
CVE-2014-9180
1Eleanor Cms
1Eleanor Cms
May 6, 2026
Dec 2, 2014
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Open redirect vulnerability in go.php in Eleanor CMS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the QUERY_STRING.