Kitecms Security Vulnerabilities and Issues — Kitecms CVE List

Lucene search

KiteskyKitecms

3 matches found

CVE•added 2021/08/12 10:15 p.m.•47 views

CVE-2021-31731

A directory traversal issue in KiteCMS 1.1.1 allows remote administrators to overwrite arbitrary files via ../ in the path parameter to index.php/admin/Template/fileedit, with PHP code in the html parameter.

6.5CVSS6.6AI score0.00593EPSS

CVE•added 2021/09/13 10:15 p.m.•32 views

CVE-2020-20671

A cross-site request forgery (CSRF) in KiteCMS V1.1 allows attackers to arbitrarily add an administrator account.

8.8CVSS8.7AI score0.00141EPSS

CVE•added 2021/09/13 10:15 p.m.•26 views

CVE-2020-20672

An arbitrary file upload vulnerability in /admin/upload/uploadfile of KiteCMS V1.1 allows attackers to getshell via a crafted PHP file.

7.8CVSS7.5AI score0.00201EPSS