VYPR

Chaoji CMS

by Chaoji CMS

CVEs (4)

  • CVE-2020-19962MedOct 14, 2021
    risk 0.35cvss 5.4epss 0.01

    A stored cross-site scripting (XSS) vulnerability in the getClientIp function in /lib/tinwin.class.php of Chaoji CMS 2.39, allows attackers to execute arbitrary web scripts.

  • CVE-2020-18414MedJun 27, 2023
    risk 0.31cvss 4.8epss 0.00

    Stored cross site scripting (XSS) vulnerability in Chaoji CMS v2.18 that allows attackers to execute arbitrary code via /index.php?admin-master-webset.

  • CVE-2020-18413MedJun 27, 2023
    risk 0.31cvss 4.8epss 0.00

    Stored cross site scripting (XSS) vulnerability in /index.php?admin-master-navmenu-add of Chaoji CMS v2.18 that allows attackers to execute arbitrary code.

  • CVE-2020-18410MedJun 27, 2023
    risk 0.31cvss 4.8epss 0.00

    A stored cross site scripting (XSS) vulnerability in /index.php?admin-master-article-edit of Chaoji CMS v2.18 that allows attackers to obtain administrator privileges.