Engineercms Security Vulnerabilities and Issues — Engineercms CVE List

Lucene search

Engineercms ProjectEngineercms

3 matches found

CVE•added 2021/07/30 2:15 p.m.•45 views

CVE-2021-36605

engineercms 1.03 is vulnerable to Cross Site Scripting (XSS). There is no escaping in the nickname field on the user list page. When viewing this page, the JavaScript code will be executed in the user's browser.

5.4CVSS5.3AI score0.00172EPSS

CVE•added 2025/05/12 4:15 p.m.•36 views

CVE-2025-44830

EngineerCMS v1.02 through v.2.0.5 has a SQL injection vulnerability in the /project/addprojtemplet interface.

9.8CVSS8.2AI score0.00046EPSS

CVE•added 2025/05/13 3:15 p.m.•28 views

CVE-2025-44831

EngineerCMS v1.02 through v2.0.5 has a SQL injection vulnerability in the /project/addproject interface.

9.8CVSS8.2AI score0.00046EPSS