Lucene search
ComsenzDuomicms3.0
2 matches found
CVE-2018-18084
An issue was discovered in DuomiCMS 3.0. SQL injection exists in the ajax.php file, as demonstrated by the uid parameter.
9.8CVSS9.8AI score0.00264EPSS
CVE-2018-18083
An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing.
9.8CVSS9.6AI score0.01185EPSS