Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cuppacms cuppacms 1.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-47990
SQL Injection vulnerability in components/table_manager/html/edit_admin_table.php in CuppaCMS V1.0 allows malicious users to run arbitrary SQL commands via the table parameter.
Cuppacms Cuppacms 1.0
9.8
CVSSv3
CVE-2023-39681
Cuppa CMS v1.0 exists to contain a remote code execution (RCE) vulnerability via the email_outgoing parameter at /Configuration.php. This vulnerability is triggered via a crafted payload.
Cuppacms Cuppacms 1.0
6.5
CVSSv3
CVE-2022-37191
The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user can read system files via crafted POST request using [function] parameter value as LFI payload.
Cuppacms Cuppacms 1.0
8.8
CVSSv3
CVE-2022-37190
CuppaCMS 1.0 is vulnerable to Remote Code Execution (RCE). An authenticated user can control both parameters (action and function) from "/api/index.php.
Cuppacms Cuppacms 1.0
9.8
CVSSv3
CVE-2022-38296
Cuppa CMS v1.0 exists to contain an arbitrary file upload vulnerability via the File Manager.
Cuppacms Cuppacms 1.0
6.1
CVSSv3
CVE-2022-38295
Cuppa CMS v1.0 exists to contain a cross-site scripting vulnerability at /table_manager/view/cu_user_groups. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Add New Group function.
Cuppacms Cuppacms 1.0
7.5
CVSSv3
CVE-2022-34121
Cuppa CMS v1.0 exists to contain a local file inclusion (LFI) vulnerability via the component /templates/default/html/windows/right.php.
Cuppacms Cuppacms 1.0
9.8
CVSSv3
CVE-2022-27985
CuppaCMS v1.0 exists to contain a SQL injection vulnerability via /administrator/alerts/alertLightbox.php.
Cuppacms Cuppacms 1.0
9.8
CVSSv3
CVE-2022-27984
CuppaCMS v1.0 exists to contain a SQL injection vulnerability via the menu_filter parameter at /administrator/templates/default/html/windows/right.php.
Cuppacms Cuppacms 1.0
7.8
CVSSv3
CVE-2022-25485
CuppaCMS v1.0 exists to contain a local file inclusion via the url parameter in /alerts/alertLightbox.php.
Cuppacms Cuppacms 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »