Lucene search
Cuppacms Security Vulnerabilities - 2023
cve
Session fixation vulnerability in CuppaCMS thru commit 4c9b742b23b924cf4c1f943f48b278e06a17e297 on November 12, 2019 allows attackers to gain access to arbitrary user sessions.
8.8CVSS
8.7AI Score
0.002EPSS
2023-01-20 07:15 PM
17
cve
Cuppa CMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the email_outgoing parameter at /Configuration.php. This vulnerability is triggered via a crafted payload.
9.8CVSS
9.7AI Score
0.006EPSS
2023-09-05 06:15 PM
79
cve
SQL Injection vulnerability in components/table_manager/html/edit_admin_table.php in CuppaCMS V1.0 allows attackers to run arbitrary SQL commands via the table parameter.
9.8CVSS
9.8AI Score
0.001EPSS
2023-12-20 07:15 PM
8