Lucene search

Omni Cms Security Vulnerabilities

cve

CVE-2022-40766

Modern Campus Omni CMS (formerly OU Campus) 10.2.4 allows login-page SQL injection via a '" OR 1 = 1 -- - , <?php' substring.

9.8CVSS

9.7AI Score

0.002EPSS

2022-09-18 05:15 AM

cve

CVE-2023-35859

A Reflected Cross-Site Scripting (XSS) vulnerability in the blog function of Modern Campus - Omni CMS 2023.1 allows a remote attacker to inject arbitrary scripts or HTML via multiple parameters.

6.1CVSS

5.7AI Score

0.0005EPSS

2024-06-13 04:15 PM

cve

CVE-2023-35860

A Directory Traversal vulnerability in Modern Campus - Omni CMS 2023.1 allows a remote, unauthenticated attacker to enumerate file system information via the dir parameter to listing.php or rss.php.

5.3CVSS

6.8AI Score

0.0005EPSS

2024-06-13 04:15 PM