Ed01-cms Security Vulnerabilities and Issues — Ed01-cms CVE List

Lucene search

Ed01-cms ProjectEd01-cms

6 matches found

CVE•added 2022/04/26 9:15 p.m.•65 views

CVE-2022-28524

ED01-CMS v20180505 was discovered to contain a SQL injection vulnerability via the component post.php.

9.8CVSS9.8AI score0.0025EPSS

CVE•added 2022/04/26 9:15 p.m.•62 views

CVE-2022-28525

ED01-CMS v20180505 was discovered to contain an arbitrary file upload vulnerability via /admin/users.php?source=edit_user&id=1.

8.8CVSS8.8AI score0.00401EPSS

CVE•added 2024/04/25 5:15 p.m.•45 views

CVE-2024-30890

Cross Site Scripting vulnerability in ED01-CMS v.1.0 allows an attacker to obtain sensitive information via the categories.php component.

4.7CVSS5.9AI score0.00074EPSS

CVE•added 2021/11/03 6:15 p.m.•33 views

CVE-2020-18261

An arbitrary file upload vulnerability in the image upload function of ED01-CMS v1.0 allows attackers to execute arbitrary commands.

9.8CVSS9.6AI score0.00907EPSS

CVE•added 2021/11/03 6:15 p.m.•25 views

CVE-2020-18259

ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting (XSS) vulnerability in the component sposts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Post title or Post content fields.

6.1CVSS5.9AI score0.00223EPSS

CVE•added 2021/11/03 6:15 p.m.•22 views

CVE-2020-18262

ED01-CMS v1.0 was discovered to contain a SQL injection in the component cposts.php via the cid parameter.

9.8CVSS9.7AI score0.00245EPSS