Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chshcms vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-16730
\upload\plugins\sys\Install.php in CScms 4.1 has XSS via the site name.
Chshcms Cscms 4.1
8.8
CVSSv3
CVE-2018-16732
\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via admin.php/setting/ftp_save.
Chshcms Cscms 4.1
8.1
CVSSv3
CVE-2019-6779
Cscms 4.1.8 allows admin.php/links/save CSRF to add, modify, or delete friend links.
Chshcms Cscms 4.1.8
5.4
CVSSv3
CVE-2022-27090
Cscms Music Portal System v4.2 exists to contain a redirection vulnerability via the backurl parameter.
Chshcms Cscms 4.2
9.8
CVSSv3
CVE-2020-28103
cscms v4.1 allows for SQL injection via the "page_del" function.
Chshcms Cscms 4.1
9.8
CVSSv3
CVE-2020-28102
cscms v4.1 allows for SQL injection via the "js_del" function.
Chshcms Cscms 4.1
9.8
CVSSv3
CVE-2020-21238
An issue in the user login box of CSCMS v4.0 allows malicious users to hijack user accounts via brute force attacks.
Chshcms Cscms 4.0
7.2
CVSSv3
CVE-2022-29663
CSCMS Music Portal System v4.2 exists to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/hy.
Chshcms Cscms Music Portal System 4.2
7.2
CVSSv3
CVE-2022-29688
CSCMS Music Portal System v4.2 exists to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/hy.
Chshcms Cscms Music Portal System 4.2
9.8
CVSSv3
CVE-2022-29660
CSCMS Music Portal System v4.2 exists to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/pic/del.
Chshcms Cscms Music Portal System 4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »