Abo.cms Security Vulnerabilities and Issues — Abo.cms CVE List

Lucene search

AbocmsAbo.cms

5 matches found

CVE•added 2024/03/15 6:15 a.m.•70 views

CVE-2024-25227

SQL Injection vulnerability in ABO.CMS version 5.8, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via the tb_login parameter in admin login page.

9.8CVSS8.8AI score0.00655EPSS

CVE•added 2025/03/11 6:15 p.m.•43 views

CVE-2021-37787

The unprivileged administrative interface in ABO.CMS version 5.8 through v.5.9.3 is affected by a SQL Injection vulnerability via a HTTP POST request to the TinyMCE module

6.5CVSS8AI score0.00054EPSS

CVE•added 2024/01/06 5:15 a.m.•30 views

CVE-2023-46953

SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module.

9.8CVSS9.9AI score0.00804EPSS

CVE•added 2024/01/17 3:15 a.m.•28 views

CVE-2023-46952

Cross Site Scripting vulnerability in ABO.CMS v.5.9.3 allows an attacker to execute arbitrary code via a crafted payload to the Referer header.

6.1CVSS6.3AI score0.00135EPSS

CVE•added 2024/01/17 8:15 p.m.•27 views

CVE-2023-48858

A Cross-site scripting (XSS) vulnerability in login page php code in Armex ABO.CMS 5.9 allows remote attackers to inject arbitrary web script or HTML via the login.php? URL part.

6.1CVSS6.1AI score0.00176EPSS