Siberiancms@* Security Vulnerabilities and Issues — Siberiancms@* CVE List

Lucene search

SiberiancmsSiberiancms*

6 matches found

CVE•added 2024/07/30 10:15 a.m.•35 views

CVE-2024-41702

SiberianCMS - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

9.8CVSS9.8AI score0.00123EPSS

CVE•added 2017/03/15 12:59 a.m.•32 views

CVE-2017-6906

An issue was discovered in SiberianCMS before 4.10.0. The vulnerability exists due to insufficient filtration of user-supplied data (log) passed to the "SiberianCMS-master/errors/500.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable web...

6.1CVSS6.3AI score0.00211EPSS

CVE•added 2023/09/27 3:18 p.m.•28 views

CVE-2023-39375

SiberianCMS - CWE-274: Improper Handling of Insufficient Privileges

9.8CVSS8.8AI score0.00146EPSS

CVE•added 2023/09/27 3:18 p.m.•28 views

CVE-2023-39378

SiberianCMS - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') by an unauthenticated user

8.8CVSS9.2AI score0.00117EPSS

CVE•added 2023/09/27 3:18 p.m.•22 views

CVE-2023-39377

SiberianCMS - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method

7.2CVSS7AI score0.00347EPSS

CVE•added 2023/09/27 3:18 p.m.•19 views

CVE-2023-39376

SiberianCMS - CWE-284 Improper Access Control Authorized user may disable a security feature over the network

6.5CVSS6.5AI score0.00079EPSS