Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cscms vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-16337
An issue exists in Cscms V4.1.8. There is a CSRF vulnerability that can modify a website's basic configuration via upload/admin.php/setting/save.
Chshcms Cscms 4.1.8
8.8
CVSSv3
CVE-2018-16448
Cscms 4 allows CSRF for creating a member via upload/admin.php/user/save, authenticating vip members via upload/admin.php/user/init/tid and upload/admin.php/user/init/rzid, and creating a super administrator and web editor via upload/admin.php/sys/save.
Chshcms Cscms 4.0
7.2
CVSSv3
CVE-2022-29661
CSCMS Music Portal System v4.2 exists to contain a blind SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/save.
Chshcms Cscms Music Portal System 4.2
7.2
CVSSv3
CVE-2022-29665
CSCMS Music Portal System v4.2 exists to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/topic/save.
Chshcms Cscms Music Portal System 4.2
8.8
CVSSv3
CVE-2022-29667
CSCMS Music Portal System v4.2 exists to contain a SQL injection vulnerability via /admin.php/pic/admin/pic/hy. This vulnerability is exploited via restoring deleted photos.
Chshcms Cscms Music Portal System 4.2
7.2
CVSSv3
CVE-2022-29676
CSCMS Music Portal System v4.2 exists to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan.
Chshcms Cscms Music Portal System 4.2
7.2
CVSSv3
CVE-2022-29683
CSCMS Music Portal System v4.2 exists to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/page_del.
Chshcms Cscms Music Portal System 4.2
8.8
CVSSv3
CVE-2022-29685
CSCMS Music Portal System v4.2 exists to contain a blind SQL injection vulnerability via the id parameter at /admin.php/User/level_sort.
Chshcms Cscms Music Portal System 4.2
7.2
CVSSv3
CVE-2022-29686
CSCMS Music Portal System v4.2 exists to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/lists/zhuan.
Chshcms Cscms Music Portal System 4.2
7.2
CVSSv3
CVE-2022-29688
CSCMS Music Portal System v4.2 exists to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/hy.
Chshcms Cscms Music Portal System 4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »