doyocms
by milken
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-19802 | Cri | 0.64 | 9.8 | 0.01 | Apr 11, 2023 | File Upload vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the upload file type parameter. | ||
| CVE-2021-26740 | Cri | 0.64 | 9.8 | 0.02 | Nov 1, 2021 | Arbitrary file upload vulnerability sysupload.php in millken doyocms 2.3 allows attackers to execute arbitrary code. | ||
| CVE-2021-26739 | Cri | 0.64 | 9.8 | 0.02 | Nov 1, 2021 | SQL Injection vulnerability in pay.php in millken doyocms 2.3, allows attackers to execute arbitrary code, via the attribute parameter. | ||
| CVE-2020-19803 | Hig | 0.57 | 8.8 | 0.00 | Apr 11, 2023 | Cross Site Request Forgery vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the background system settings. |
- risk 0.64cvss 9.8epss 0.01
File Upload vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the upload file type parameter.
- risk 0.64cvss 9.8epss 0.02
Arbitrary file upload vulnerability sysupload.php in millken doyocms 2.3 allows attackers to execute arbitrary code.
- risk 0.64cvss 9.8epss 0.02
SQL Injection vulnerability in pay.php in millken doyocms 2.3, allows attackers to execute arbitrary code, via the attribute parameter.
- risk 0.57cvss 8.8epss 0.00
Cross Site Request Forgery vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the background system settings.