Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cuppacms cuppacms 1.0 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2022-25401
The copy function of the file manager in Cuppa CMS v1.0 allows any file to be copied to the current directory, granting attackers read access to arbitrary files.
Cuppacms Cuppacms 1.0
605
VMScore
CVE-2022-25485
CuppaCMS v1.0 exists to contain a local file inclusion via the url parameter in /alerts/alertLightbox.php.
Cuppacms Cuppacms 1.0
605
VMScore
CVE-2022-25486
CuppaCMS v1.0 exists to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php.
Cuppacms Cuppacms 1.0
668
VMScore
CVE-2022-25495
The component /jquery_file_upload/server/php/index.php of CuppaCMS v1.0 allows malicious users to upload arbitrary files and execute arbitrary code via a crafted PHP file.
Cuppacms Cuppacms 1.0
445
VMScore
CVE-2022-25497
CuppaCMS v1.0 exists to contain an arbitrary file read via the copy function.
Cuppacms Cuppacms 1.0
668
VMScore
CVE-2022-25498
CuppaCMS v1.0 exists to contain a remote code execution (RCE) vulnerability via the saveConfigData function in /classes/ajax/Functions.php.
Cuppacms Cuppacms 1.0
694
VMScore
CVE-2022-24265
Cuppa CMS v1.0 exists to contain a SQL injection vulnerability in /administrator/components/menu/ via the path=component/menu/&menu_filter=3 parameter.
Cuppacms Cuppacms 1.0
694
VMScore
CVE-2022-24266
Cuppa CMS v1.0 exists to contain a SQL injection vulnerability in /administrator/components/table_manager/ via the order_by parameter.
Cuppacms Cuppacms 1.0
NA
CVE-2023-47990
SQL Injection vulnerability in components/table_manager/html/edit_admin_table.php in CuppaCMS V1.0 allows malicious users to run arbitrary SQL commands via the table parameter.
Cuppacms Cuppacms 1.0
NA
CVE-2023-39681
Cuppa CMS v1.0 exists to contain a remote code execution (RCE) vulnerability via the email_outgoing parameter at /Configuration.php. This vulnerability is triggered via a crafted payload.
Cuppacms Cuppacms 1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »