CSCMS Music Portal System
by chshcms
CVEs (17)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-29689 | 0.00 | — | 0.00 | May 26, 2022 | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/del. | |||
| CVE-2022-29686 | 0.00 | — | 0.00 | May 26, 2022 | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/lists/zhuan. | |||
| CVE-2022-29685 | 0.00 | — | 0.00 | May 26, 2022 | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/User/level_sort. | |||
| CVE-2022-29683 | 0.00 | — | 0.00 | May 26, 2022 | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/page_del. | |||
| CVE-2022-29682 | 0.00 | — | 0.00 | May 26, 2022 | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/vod/admin/topic/del. | |||
| CVE-2022-29680 | 0.00 | — | 0.00 | May 26, 2022 | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/zu_del. | |||
| CVE-2022-29681 | 0.00 | — | 0.00 | May 26, 2022 | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Links/del. | |||
| CVE-2022-29669 | 0.00 | — | 0.00 | May 26, 2022 | CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/lists/zhuan. | |||
| CVE-2022-29667 | 0.00 | — | 0.00 | May 26, 2022 | CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via /admin.php/pic/admin/pic/hy. This vulnerability is exploited via restoring deleted photos. | |||
| CVE-2022-29666 | 0.00 | — | 0.00 | May 26, 2022 | CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan. | |||
| CVE-2022-29664 | 0.00 | — | 0.00 | May 26, 2022 | CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/pl_save. | |||
| CVE-2022-29663 | 0.00 | — | 0.00 | May 26, 2022 | CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/hy. | |||
| CVE-2022-29661 | 0.00 | — | 0.00 | May 26, 2022 | CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/save. | |||
| CVE-2022-29660 | 0.00 | — | 0.00 | May 26, 2022 | CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/pic/del. | |||
| CVE-2022-27369 | 0.00 | — | 0.00 | Apr 15, 2022 | Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component news_News.php_hy. | |||
| CVE-2022-27365 | 0.00 | — | 0.00 | Apr 15, 2022 | Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Dance.php_del. | |||
| CVE-2022-27090 | 0.00 | — | 0.00 | Mar 21, 2022 | Cscms Music Portal System v4.2 was discovered to contain a redirection vulnerability via the backurl parameter. |
- CVE-2022-29689May 26, 2022risk 0.00cvss —epss 0.00
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/del.
- CVE-2022-29686May 26, 2022risk 0.00cvss —epss 0.00
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/lists/zhuan.
- CVE-2022-29685May 26, 2022risk 0.00cvss —epss 0.00
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/User/level_sort.
- CVE-2022-29683May 26, 2022risk 0.00cvss —epss 0.00
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/page_del.
- CVE-2022-29682May 26, 2022risk 0.00cvss —epss 0.00
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/vod/admin/topic/del.
- CVE-2022-29680May 26, 2022risk 0.00cvss —epss 0.00
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/zu_del.
- CVE-2022-29681May 26, 2022risk 0.00cvss —epss 0.00
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Links/del.
- CVE-2022-29669May 26, 2022risk 0.00cvss —epss 0.00
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/lists/zhuan.
- CVE-2022-29667May 26, 2022risk 0.00cvss —epss 0.00
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via /admin.php/pic/admin/pic/hy. This vulnerability is exploited via restoring deleted photos.
- CVE-2022-29666May 26, 2022risk 0.00cvss —epss 0.00
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan.
- CVE-2022-29664May 26, 2022risk 0.00cvss —epss 0.00
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/pl_save.
- CVE-2022-29663May 26, 2022risk 0.00cvss —epss 0.00
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/hy.
- CVE-2022-29661May 26, 2022risk 0.00cvss —epss 0.00
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/save.
- CVE-2022-29660May 26, 2022risk 0.00cvss —epss 0.00
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/pic/del.
- CVE-2022-27369Apr 15, 2022risk 0.00cvss —epss 0.00
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component news_News.php_hy.
- CVE-2022-27365Apr 15, 2022risk 0.00cvss —epss 0.00
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Dance.php_del.
- CVE-2022-27090Mar 21, 2022risk 0.00cvss —epss 0.00
Cscms Music Portal System v4.2 was discovered to contain a redirection vulnerability via the backurl parameter.