Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cuppacms cuppacms 1.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-37190
CuppaCMS 1.0 is vulnerable to Remote Code Execution (RCE). An authenticated user can control both parameters (action and function) from "/api/index.php.
Cuppacms Cuppacms 1.0
7.5
CVSSv2
CVE-2022-27985
CuppaCMS v1.0 exists to contain a SQL injection vulnerability via /administrator/alerts/alertLightbox.php.
Cuppacms Cuppacms 1.0
NA
CVE-2022-38295
Cuppa CMS v1.0 exists to contain a cross-site scripting vulnerability at /table_manager/view/cu_user_groups. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Add New Group function.
Cuppacms Cuppacms 1.0
NA
CVE-2022-38296
Cuppa CMS v1.0 exists to contain an arbitrary file upload vulnerability via the File Manager.
Cuppacms Cuppacms 1.0
5
CVSSv2
CVE-2022-25401
The copy function of the file manager in Cuppa CMS v1.0 allows any file to be copied to the current directory, granting attackers read access to arbitrary files.
Cuppacms Cuppacms 1.0
6.8
CVSSv2
CVE-2022-25485
CuppaCMS v1.0 exists to contain a local file inclusion via the url parameter in /alerts/alertLightbox.php.
Cuppacms Cuppacms 1.0
5
CVSSv2
CVE-2022-25497
CuppaCMS v1.0 exists to contain an arbitrary file read via the copy function.
Cuppacms Cuppacms 1.0
NA
CVE-2022-34121
Cuppa CMS v1.0 exists to contain a local file inclusion (LFI) vulnerability via the component /templates/default/html/windows/right.php.
Cuppacms Cuppacms 1.0
7.8
CVSSv2
CVE-2022-24264
Cuppa CMS v1.0 exists to contain a SQL injection vulnerability in /administrator/components/table_manager/ via the search_word parameter.
Cuppacms Cuppacms 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2