Kentico Cms Security Vulnerabilities and Issues — Kentico Cms CVE List

Lucene search

KenticoKentico Cms

3 matches found

CVE•added 2021/03/05 11:15 p.m.•71 views

CVE-2021-27581

The Blog module in Kentico CMS 5.5 R2 build 5.5.3996 allows SQL injection via the tagname parameter.

9.8CVSS9.8AI score0.00416EPSS

CVE•added 2018/03/23 3:29 p.m.•70 views

CVE-2017-17736

Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote attackers to obtain Global Administrator access by visiting CMSInstall/install.aspx and then navigating to the CMS Administration Dashboard.

9.8CVSS9.3AI score0.90978EPSS

CVE•added 2018/02/20 3:29 p.m.•43 views

CVE-2018-7046

Arbitrary code execution vulnerability in Kentico 9 through 11 allows remote authenticated users to execute arbitrary operating system commands in a dynamic .NET code evaluation context via C# code in a "Pages -> Edit -> Template -> Edit template properties -> Layout" box. NOTE: the ven...

9CVSS7.3AI score0.02081EPSS