Vulmon
Recent Vulnerabilities
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
victor cms vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-15599
Victor CMS through 2019-02-28 allows XSS via the register.php user_firstname or user_lastname field....
5
CVSSv2
CVE-2020-23945
A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php file. This parameter can be used by sqlmap to obtain data information in the database....
7.5
CVSSv2
CVE-2020-29280
The Victor CMS v1.0 application is vulnerable to SQL injection via the 'search' parameter on the search.php page....
3.5
CVSSv2
CVE-2018-16775
An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the site name in the "Categories" menu....
4.3
CVSSv2
CVE-2018-15603
An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the Author field of the "Leave a Comment" screen....
4.3
CVSSv2
CVE-2020-13427
Victor CMS 1.0 has Persistent XSS in admin/users.php?source=add_user via the user_name, user_firstname, or user_lastname parameter....
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-2046
blind SQL injection
CVE-2019-8791
race condition
CVE-2021-2045
CVE-2019-8792
bypass
CVE-2021-2060
CVE-2021-2123