VYPR

Packagist (Composer) package

melisplatform/melis-cms

pkg:composer/melisplatform/melis-cms

Vulnerabilities (2)

  • CVE-2025-10351CriOct 8, 2025
    affected < 5.3.4fixed 5.3.4

    SQL injection vulnerability based on the melis-cms module of the Melis platform from Melis Technology. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'idPage' parameter in the '/melis/MelisCms/PageEdition/getTinyTemplates' endp

  • CVE-2022-39297Oct 12, 2022
    affected < 5.0.1fixed 5.0.1

    MelisCms provides a full CMS for Melis Platform, including templating system, drag'n'drop of plugins, SEO and many administration tools. Attackers can deserialize arbitrary data on affected versions of `melisplatform/melis-cms`, and ultimately leads to the execution of arbitrary