Navigatecms
by Navigatecms
CVEs (29)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-25393 | | Med | 0.42 | 6.5 | 0.01 | | May 29, 2026 | Navigate CMS 2.8.5 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by injecting directory traversal sequences in the id parameter. Attackers can send GET requests to navigate_download.php with path traversal payloads… |
| CVE-2018-18029 | | Med | 0.35 | 5.4 | 0.01 | | Oct 9, 2018 | Navigate CMS has Stored XSS via the navigate.php Title field in an edit action. |
| CVE-2018-17849 | | Med | 0.35 | 5.4 | 0.01 | | Oct 4, 2018 | Navigate CMS 2.8 has Stored XSS via a navigate_upload.php (aka File Upload) request with a multipart/form-data JavaScript payload. |
| CVE-2018-17552 | | Cri | 0.10 | 9.8 | 0.84 | | Oct 3, 2018 | SQL Injection in login.php in Naviwebs Navigate CMS 2.8 allows remote attackers to bypass authentication via the navigate-user cookie. |
| CVE-2018-17553 | | Hig | 0.09 | 8.8 | 0.79 | | Oct 3, 2018 | An "Unrestricted Upload of File with Dangerous Type" issue with directory traversal in navigate_upload.php in Naviwebs Navigate CMS 2.8 allows authenticated attackers to achieve remote code execution via a POST request with engine=picnik and id=../../../navigate_info.php. |
| CVE-2022-28117 | | | 0.08 | — | 0.22 | | Apr 28, 2022 | A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter. |
| CVE-2020-37054 | | | 0.00 | — | 0.00 | | Jan 30, 2026 | Navigate CMS 2.8.7 contains a cross-site request forgery vulnerability that allows attackers to upload malicious extensions through a crafted HTML page. Attackers can trick authenticated administrators into executing arbitrary file uploads by leveraging the extension upload… |
| CVE-2020-37053 | | | 0.00 | — | 0.00 | | Jan 30, 2026 | Navigate CMS 2.8.7 contains an authenticated SQL injection vulnerability that allows attackers to leak database information by manipulating the 'sidx' parameter in comments. Attackers can exploit the vulnerability to extract user activation keys by using time-based blind SQL… |
| CVE-2021-44351 | | | 0.00 | — | 0.02 | | Jan 6, 2022 | An arbitrary file read vulnerability exists in NavigateCMS 2.9 via /navigate/navigate_download.php id parameter. |
| CVE-2020-23243 | | | 0.00 | — | 0.01 | | Jul 26, 2021 | Cross Site Scripting (XSS) vulnerability in NavigateCMS NavigateCMS 2.9 via the name="wrong_path_redirect" feature. |
| CVE-2020-23242 | | | 0.00 | — | 0.01 | | Jul 26, 2021 | Cross Site Scripting (XSS) vulnerability in NavigateCMS 2.9 when performing a Create or Edit via the Tools feature. |
| CVE-2021-37478 | | | 0.00 | — | 0.02 | | Jul 26, 2021 | In NavigateCMS version 2.9.4 and below, function `block` is vulnerable to sql injection on parameter `block-order`, which results in arbitrary sql query execution in the backend database. |
| CVE-2021-37477 | | | 0.00 | — | 0.02 | | Jul 26, 2021 | In NavigateCMS version 2.9.4 and below, function in `structure.php` is vulnerable to sql injection on parameter `children_order`, which results in arbitrary sql query execution in the backend database. |
| CVE-2021-37476 | | | 0.00 | — | 0.02 | | Jul 26, 2021 | In NavigateCMS version 2.9.4 and below, function in `product.php` is vulnerable to sql injection on parameter `id` through a post request, which results in arbitrary sql query execution in the backend database. |
| CVE-2021-37475 | | | 0.00 | — | 0.02 | | Jul 26, 2021 | In NavigateCMS version 2.9.4 and below, function in `templates.php` is vulnerable to sql injection on parameter `template-properties-order`, which results in arbitrary sql query execution in the backend database. |
| CVE-2021-37473 | | | 0.00 | — | 0.02 | | Jul 26, 2021 | In NavigateCMS version 2.9.4 and below, function in `product.php` is vulnerable to sql injection on parameter `products-order` through a post request, which results in arbitrary sql query execution in the backend database. |
| CVE-2020-23711 | | | 0.00 | — | 0.01 | | Jun 28, 2021 | SQL Injection vulnerability in NavigateCMS 2.9 via the URL encoded GET input category in navigate.php. |
| CVE-2020-23657 | | | 0.00 | — | 0.01 | | Aug 26, 2020 | NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "Configuration." |
| CVE-2020-23656 | | | 0.00 | — | 0.01 | | Aug 26, 2020 | NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "Content." |
| CVE-2020-23655 | | | 0.00 | — | 0.01 | | Aug 26, 2020 | NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "Configuration." |
Page 1 of 2