Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cscms vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-11527
An issue exists in CScms v4.1. A Cross-site request forgery (CSRF) vulnerability in plugins/sys/admin/Sys.php allows remote malicious users to change the administrator's username and password via /admin.php/sys/editpass_save.
Cscms Project Cscms 4.1
7.5
CVSSv2
CVE-2020-22848
A remote code execution (RCE) vulnerability in the \Playsong.php component of cscms v4.1 allows malicious users to execute arbitrary commands.
Chshcms Cscms 4.1
6.5
CVSSv2
CVE-2022-27365
Cscms Music Portal System v4.2 exists to contain a SQL injection vulnerability via the component dance_Dance.php_del.
Chshcms Cscms 4.2
6.5
CVSSv2
CVE-2022-27366
Cscms Music Portal System v4.2 exists to contain a blind SQL injection vulnerability via the component dance_Dance.php_hy.
Chshcms Cscms 4.2
6.5
CVSSv2
CVE-2022-27367
Cscms Music Portal System v4.2 exists to contain a SQL injection vulnerability via the component dance_Topic.php_del.
Chshcms Cscms 4.2
6.5
CVSSv2
CVE-2022-27369
Cscms Music Portal System v4.2 exists to contain a SQL injection vulnerability via the component news_News.php_hy.
Chshcms Cscms 4.2
5
CVSSv2
CVE-2020-21238
An issue in the user login box of CSCMS v4.0 allows malicious users to hijack user accounts via brute force attacks.
Chshcms Cscms 4.0
7.5
CVSSv2
CVE-2020-28102
cscms v4.1 allows for SQL injection via the "js_del" function.
Chshcms Cscms 4.1
7.5
CVSSv2
CVE-2020-28103
cscms v4.1 allows for SQL injection via the "page_del" function.
Chshcms Cscms 4.1
4.3
CVSSv2
CVE-2018-16337
An issue exists in Cscms V4.1.8. There is a CSRF vulnerability that can modify a website's basic configuration via upload/admin.php/setting/save.
Chshcms Cscms 4.1.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »