AyaCMS
by AyaCMS
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-47926 | Cri | 0.64 | 9.8 | 0.01 | Dec 22, 2022 | AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php | ||
| CVE-2022-46102 | Cri | 0.64 | 9.8 | 0.01 | Dec 22, 2022 | AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/admin/fst_down.inc.php | ||
| CVE-2022-45550 | Cri | 0.64 | 9.8 | 0.01 | Dec 7, 2022 | AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE). | ||
| CVE-2022-43074 | Cri | 0.64 | 9.8 | 0.01 | Nov 10, 2022 | AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | ||
| CVE-2022-46101 | Hig | 0.57 | 8.8 | 0.01 | Dec 22, 2022 | AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting malicious code. | ||
| CVE-2022-45548 | Hig | 0.57 | 8.8 | 0.01 | Dec 6, 2022 | AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability. | ||
| CVE-2022-48116 | Hig | 0.47 | 7.2 | 0.01 | Jan 27, 2023 | AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/tpl_edit.inc.php. |
- risk 0.64cvss 9.8epss 0.01
AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php
- risk 0.64cvss 9.8epss 0.01
AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/admin/fst_down.inc.php
- risk 0.64cvss 9.8epss 0.01
AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE).
- risk 0.64cvss 9.8epss 0.01
AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
- risk 0.57cvss 8.8epss 0.01
AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting malicious code.
- risk 0.57cvss 8.8epss 0.01
AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability.
- risk 0.47cvss 7.2epss 0.01
AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/tpl_edit.inc.php.