Lucene search
KiteskyKitecms1.1
5 matches found
CVE-2021-3267
File Upload vulnerability found in KiteCMS v.1.1 allows a remote attacker to execute arbitrary code via the uploadFile function.
7.2CVSS7.3AI score0.00764EPSS
CVE-2021-36546
Incorrect Access Control issue discovered in KiteCMS 1.1 allows remote attackers to view sensitive information via path in application URL.
7.5CVSS7.3AI score0.00087EPSS
CVE-2020-20522
Cross Site Scripting vulnerability found in KiteCMS v.1.1 allows a remote attacker to execute arbitrary code via the registering user parameter.
6.1CVSS6.4AI score0.00202EPSS
CVE-2020-20671
A cross-site request forgery (CSRF) in KiteCMS V1.1 allows attackers to arbitrarily add an administrator account.
8.8CVSS8.7AI score0.00141EPSS
CVE-2020-20672
An arbitrary file upload vulnerability in /admin/upload/uploadfile of KiteCMS V1.1 allows attackers to getshell via a crafted PHP file.
7.8CVSS7.5AI score0.00201EPSS