Lucene search
K

23 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:15 a.m.8 views

CVE-2023-47990

SQL Injection vulnerability in components/tablemanager/html/editadmintable.php in CuppaCMS V1.0 allows attackers to run arbitrary SQL commands via the table parameter...

9.8CVSS8.3AI score0.0078EPSS
Exploits1References1
Prion
Prion
added 2023/12/20 7:15 p.m.17 views

Sql injection

SQL Injection vulnerability in components/tablemanager/html/editadmintable.php in CuppaCMS V1.0 allows attackers to run arbitrary SQL commands via the table parameter...

7.5CVSS8.7AI score0.0078EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/12/20 12:0 a.m.14 views

CVE-2023-47990

SQL Injection vulnerability in components/tablemanager/html/editadmintable.php in CuppaCMS V1.0 allows attackers to run arbitrary SQL commands via the table parameter...

9.9AI score0.0078EPSS
Exploits1References1
NVD
NVD
added 2022/09/13 11:15 p.m.23 views

CVE-2022-37191

The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user can read system files via crafted POST request using function parameter value as LFI payload...

6.5CVSS0.02646EPSS
Exploits1References2
Prion
Prion
added 2022/09/13 11:15 p.m.18 views

Cross site request forgery (csrf)

The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user can read system files via crafted POST request using function parameter value as LFI payload...

4CVSS6.3AI score0.02646EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2022/04/26 2:15 p.m.14 views

CVE-2022-27985

CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via /administrator/alerts/alertLightbox.php...

9.8CVSS0.06598EPSS
Exploits1References2
NVD
NVD
added 2022/04/26 2:15 p.m.17 views

CVE-2022-27984

CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via the menufilter parameter at /administrator/templates/default/html/windows/right.php...

9.8CVSS0.0678EPSS
Exploits1References2
Prion
Prion
added 2022/04/26 2:15 p.m.19 views

Sql injection

CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via /administrator/alerts/alertLightbox.php...

7.5CVSS9.8AI score0.06598EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2022/04/26 2:15 p.m.15 views

Sql injection

CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via the menufilter parameter at /administrator/templates/default/html/windows/right.php...

7.5CVSS9.8AI score0.0678EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/04/26 1:58 p.m.24 views

CVE-2022-27985

CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via /administrator/alerts/alertLightbox.php...

10AI score0.06598EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/04/26 1:58 p.m.20 views

CVE-2022-27984

CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via the menufilter parameter at /administrator/templates/default/html/windows/right.php...

10AI score0.0678EPSS
Exploits1References1
NVD
NVD
added 2022/03/15 6:15 p.m.15 views

CVE-2022-25495

The component /jqueryfileupload/server/php/index.php of CuppaCMS v1.0 allows attackers to upload arbitrary files and execute arbitrary code via a crafted PHP file...

9.8CVSS0.0204EPSS
Exploits1References1
NVD
NVD
added 2022/03/15 6:15 p.m.37 views

CVE-2022-25486

CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php...

7.8CVSS0.09966EPSS
Exploits1References3
NVD
NVD
added 2022/03/15 6:15 p.m.15 views

CVE-2022-25497

CuppaCMS v1.0 was discovered to contain an arbitrary file read via the copy function...

5.3CVSS0.03642EPSS
Exploits1References1
Prion
Prion
added 2022/03/15 6:15 p.m.17 views

Design/Logic Flaw

CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertLightbox.php...

6.8CVSS7.5AI score0.07927EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/03/15 6:15 p.m.11 views

Code injection

CuppaCMS v1.0 was discovered to contain an arbitrary file read via the copy function...

5CVSS5.3AI score0.03642EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/03/15 6:15 p.m.16 views

Code injection

The component /jqueryfileupload/server/php/index.php of CuppaCMS v1.0 allows attackers to upload arbitrary files and execute arbitrary code via a crafted PHP file...

7.5CVSS9.6AI score0.0204EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/03/15 6:15 p.m.17 views

Remote code execution

CuppaCMS v1.0 was discovered to contain a remote code execution RCE vulnerability via the saveConfigData function in /classes/ajax/Functions.php...

7.5CVSS9.8AI score0.02886EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/03/15 5:41 p.m.18 views

CVE-2022-25485

CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertLightbox.php...

7.8AI score0.07927EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/03/15 5:41 p.m.39 views

CVE-2022-25486

CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php...

7.8AI score0.09966EPSS
Exploits1References3
Rows per page
Query Builder