Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Victor Cms Security Vulnerabilities

cve
cve

CVE-2020-23966

SQL Injection vulnerability in victor cms 1.0 allows attackers to execute arbitrary commands via the post parameter to /post.php in a crafted GET...

9.8CVSS

9.3AI Score

0.001EPSS

2023-05-08 02:15 PM
8
cve
cve

CVE-2020-35597

Victor CMS 1.0 is vulnerable to SQL injection via c_id parameter of admin_edit_comment.php, p_id parameter of admin_edit_post.php, u_id parameter of admin_edit_user.php, and edit parameter of...

8.8CVSS

8.5AI Score

0.013EPSS

2022-06-16 07:15 PM
23
8
cve
cve

CVE-2022-28060

SQL Injection vulnerability in Victor CMS v1.0, via the user_name parameter to...

7.5CVSS

7.9AI Score

0.002EPSS

2022-04-28 08:15 PM
54
cve
cve

CVE-2022-27478

Victor v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component...

8.8CVSS

9.1AI Score

0.004EPSS

2022-04-21 08:15 PM
49
cve
cve

CVE-2022-26201

Victor CMS v1.0 was discovered to contain a SQL injection...

9.8CVSS

9.8AI Score

0.002EPSS

2022-03-04 02:15 PM
39
cve
cve

CVE-2022-23873

Victor CMS v1.0 was discovered to contain a SQL injection vulnerability that allows attackers to inject arbitrary commands via 'user_firstname'...

8.8CVSS

9AI Score

0.001EPSS

2022-02-03 03:15 AM
28
cve
cve

CVE-2021-46459

Victor CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component admin/users.php?source=add_user. These vulnerabilities can be exploited through a crafted POST request via the user_name, user_firstname,user_lastname, or user_email...

7.5CVSS

7.9AI Score

0.001EPSS

2022-01-31 07:15 PM
32
cve
cve

CVE-2021-46458

Victor CMS v1.0 was discovered to contain a SQL injection vulnerability in the component admin/posts.php?source=add_post. This vulnerability can be exploited through a crafted POST request via the post_title...

7.5CVSS

7.7AI Score

0.001EPSS

2022-01-31 04:15 PM
24
cve
cve

CVE-2021-25203

Arbitrary file upload vulnerability in Victor CMS v 1.0 allows attackers to execute arbitrary code via the file upload to...

9.8CVSS

9.7AI Score

0.006EPSS

2021-07-23 02:15 PM
52
8
cve
cve

CVE-2020-29280

The Victor CMS v1.0 application is vulnerable to SQL injection via the 'search' parameter on the search.php...

9.8CVSS

8.4AI Score

0.028EPSS

2020-12-02 10:15 PM
33
cve
cve

CVE-2020-23945

A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php file. This parameter can be used by sqlmap to obtain data information in the...

7.5CVSS

8.1AI Score

0.002EPSS

2020-10-27 03:15 PM
17
cve
cve

CVE-2020-15599

Victor CMS through 2019-02-28 allows XSS via the register.php user_firstname or user_lastname...

6.1CVSS

6.1AI Score

0.001EPSS

2020-07-07 09:15 PM
60
cve
cve

CVE-2018-16775

An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the site name in the "Categories"...

4.8CVSS

6.1AI Score

0.001EPSS

2018-09-10 04:29 AM
19
cve
cve

CVE-2018-15603

An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the Author field of the "Leave a Comment"...

6.1CVSS

6.2AI Score

0.001EPSS

2018-08-21 02:29 AM
20