Search for packages
| purl | pkg:composer/gleez/cms@1.3.0 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-5r5r-ezkb-mqe5
Aliases: CVE-2018-16704 |
Information Exposure An issue was discovered in Gleez CMS. Because of an Insecure Direct Object Reference vulnerability, it is possible for attackers (logged-in users) to view profile page of other users. | There are no reported fixed by versions. |
|
VCID-kshj-dtyq-suhu
Aliases: CVE-2018-1999021 |
Cross-site Scripting Gleezcms Gleez CMS contains a Cross Site Scripting (XSS) vulnerability in Profile page that can result in Inject arbitrary web script or HTML via the profile page editor. This attack appear to be exploitable via The victim must navigate to the attacker's profile page. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-02T04:38:13.313092+00:00 | GitLab Importer | Affected by | VCID-5r5r-ezkb-mqe5 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/gleez/cms/CVE-2018-16704.yml | 38.6.0 |
| 2026-06-02T04:38:04.446738+00:00 | GitLab Importer | Affected by | VCID-kshj-dtyq-suhu | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/gleez/cms/CVE-2018-1999021.yml | 38.6.0 |