Cuppa CMS v1.0 - SQL injection

CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via /administrator/alerts/alertLightbox.php. id: CVE-2022-27985 info: name: Cuppa CMS v1.0 - SQL injection author: theamanrawat severity: critical description: | CuppaCMS v1.0 was discovered to contain a SQL injection...

CuppaCMS v1.0 - Local File Inclusion

Cuppa CMS v1.0 is vulnerable to local file inclusion via the component /templates/default/html/windows/right.php. id: CVE-2022-34121 info: name: CuppaCMS v1.0 - Local File Inclusion author: edoardottt severity: high description: | Cuppa CMS v1.0 is vulnerable to local file inclusion via the...

Cuppa CMS v1.0 - Cross Site Scripting

Cuppa CMS v1.0 was discovered to contain a cross-site scripting vulnerability at /tablemanager/view/cuusergroups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Add New Group function. id: CVE-2022-38295...

Cuppa CMS v1.0 - SQL injection

Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/tablemanager/ via the searchword parameter. id: CVE-2022-24264 info: name: Cuppa CMS v1.0 - SQL injection author: theamanrawat severity: high description: | Cuppa CMS v1.0 was discovered to contain...

Cuppa CMS v1.0 - SQL injection

Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/tablemanager/ via the orderby parameter. id: CVE-2022-24266 info: name: Cuppa CMS v1.0 - SQL injection author: theamanrawat severity: high description: | Cuppa CMS v1.0 was discovered to contain a...

Cuppa CMS v1.0 - SQL injection

CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via the menufilter parameter at /administrator/templates/default/html/windows/right.php. id: CVE-2022-27984 info: name: Cuppa CMS v1.0 - SQL injection author: theamanrawat severity: critical description: | CuppaCMS v1.0 was...

Cuppa CMS v1.0 - Remote Code Execution

CuppaCMS 1.0 is vulnerable to Remote Code Execution RCE. An authenticated user can control both parameters action and function from "/api/index.php. id: CVE-2022-37190 info: name: Cuppa CMS v1.0 - Remote Code Execution author: theamanrawat severity: high description: | CuppaCMS 1.0 is vulnerable ...

Cuppa CMS v1.0 - Local File Inclusion

CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php. id: CVE-2022-25486 info: name: Cuppa CMS v1.0 - Local File Inclusion author: theamanrawat severity: high description: | CuppaCMS v1.0 was discovered to contain a local file...

Cuppa CMS v1.0 - Authenticated Local File Inclusion

The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user can read system files via crafted POST request using function parameter value as LFI payload. id: CVE-2022-37191 info: name: Cuppa CMS v1.0 - Authenticated Local File Inclusion author: theamanrawat...

CVE-2022-37190

CuppaCMS 1.0 is vulnerable to Remote Code Execution RCE. An authenticated user can control both parameters action and function from "/api/index.php...

CVE-2022-27985

CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via /administrator/alerts/alertLightbox.php...

EUVD-2018-11590

Malware in sbrugna...

EUVD-2018-11248

Malware in sbrugna...

EUVD-2021-16004

Malware in sbrugna...

EUVD-2020-18678

Malware in sbrugna...

EUVD-2018-9055

Malware in sbrugna...

EUVD-2022-30164

Malicious code in bioql PyPI...

CVE-2023-47990

SQL Injection vulnerability in components/tablemanager/html/editadmintable.php in CuppaCMS V1.0 allows attackers to run arbitrary SQL commands via the table parameter...

CVE-2022-25486

CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php...

CVE-2022-25497

CuppaCMS v1.0 was discovered to contain an arbitrary file read via the copy function...