VYPR

AyaCMS

by AyaCMS

CVEs (7)

  • CVE-2022-47926CriDec 22, 2022
    risk 0.64cvss 9.8epss 0.01

    AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php

  • CVE-2022-46102CriDec 22, 2022
    risk 0.64cvss 9.8epss 0.01

    AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/admin/fst_down.inc.php

  • CVE-2022-45550CriDec 7, 2022
    risk 0.64cvss 9.8epss 0.01

    AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE).

  • CVE-2022-43074CriNov 10, 2022
    risk 0.64cvss 9.8epss 0.01

    AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

  • CVE-2022-46101HigDec 22, 2022
    risk 0.57cvss 8.8epss 0.01

    AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting malicious code.

  • CVE-2022-45548HigDec 6, 2022
    risk 0.57cvss 8.8epss 0.01

    AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability.

  • CVE-2022-48116HigJan 27, 2023
    risk 0.47cvss 7.2epss 0.01

    AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/tpl_edit.inc.php.