SQL injection vulnerability in index.php in eliteCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
8.4AI Score
0.001EPSS
An issue was discovered in Elite CMS Pro 2.01. In /admin/add_sidebar.php, the ?page= parameter is vulnerable to SQL injection.
7.2CVSS
7.3AI Score
0.001EPSS
9.8CVSS
9.3AI Score
0.003EPSS
An issue in /admin/delete_image.php of eliteCMS v1.0 allows attackers to delete arbitrary files.
9.1CVSS
9.1AI Score
0.001EPSS
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_page.php.
9.8CVSS
9.7AI Score
0.002EPSS
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_post.php.
9.8CVSS
9.7AI Score
0.002EPSS
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions/functions.php.
9.8CVSS
9.8AI Score
0.002EPSS
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_user.php.
9.8CVSS
9.8AI Score
0.002EPSS
6.5CVSS
6.4AI Score
0.001EPSS
elitecms 1.0.1 is vulnerable to Arbitrary code execution via admin/manage_uploads.php.
9.8CVSS
9.6AI Score
0.003EPSS
9.8CVSS
9.8AI Score
0.002EPSS
9.8CVSS
9.8AI Score
0.002EPSS
9.8CVSS
9.8AI Score
0.002EPSS
9.8CVSS
9.8AI Score
0.002EPSS
elitecms 1.01 is vulnerable to SQL Injection via admin/edit_sidebar.php?page=2&sidebar=
9.8CVSS
9.8AI Score
0.002EPSS
9.8CVSS
9.8AI Score
0.002EPSS
Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint.
6.1CVSS
6.4AI Score
0.001EPSS
A file upload vulnerability in EliteCMS v1.01 allows a remote attacker to execute arbitrary code via the manage_uploads.php component.
8.8CVSS
8.8AI Score
0.003EPSS