Lucene search

Arcms Project Security Vulnerabilities

cve

CVE-2018-19558

An issue was discovered in arcms through 2018-03-19. SQL injection exists via the json/newslist limit parameter because of ctl/main/Json.php, ctl/main/service/Data.php, and...

9.8CVSS

9.8AI Score

0.002EPSS

2018-11-26 07:29 AM

cve

CVE-2018-19557

An issue was discovered in arcms through 2018-03-19. No authentication is required for index/main, user/useradd, or...

9.8CVSS

9.5AI Score

0.005EPSS

2018-11-26 07:29 AM