Webedition Cms Security Vulnerabilities and Issues — Webedition Cms CVE List

Lucene search

WebeditionWebedition Cms

5 matches found

CVE•added 2024/03/14 1:15 p.m.•54 views

CVE-2024-28417

Webedition CMS 9.2.2.0 has a Stored XSS vulnerability via /webEdition/we_cmd.php.

6.3CVSS5.8AI score0.00059EPSS

CVE•added 2024/03/14 1:15 p.m.•51 views

CVE-2024-28418

Webedition CMS 9.2.2.0 has a File upload vulnerability via /webEdition/we_cmd.php

6.5CVSS6.9AI score0.00115EPSS

CVE•added 2014/11/06 6:55 p.m.•46 views

CVE-2014-5258

Directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.

4CVSS6.1AI score0.83495EPSS

CVE•added 2014/06/13 2:55 p.m.•35 views

CVE-2014-2303

Multiple SQL injection vulnerabilities in the file browser component (we_fs.php) in webEdition CMS before 6.2.7-s1.2 and 6.3.x through 6.3.8 before -s1 allow remote attackers to execute arbitrary SQL commands via the (1) table or (2) order parameter.

7.5CVSS8.7AI score0.04029EPSS

CVE•added 2018/07/19 5:29 p.m.•33 views

CVE-2014-2302

The installer script in webEdition CMS before 6.2.7-s1 and 6.3.x before 6.3.8-s1 allows remote attackers to conduct PHP Object Injection attacks by intercepting a request to update.webedition.org.

9.8CVSS9.4AI score0.15675EPSS