Elitecms
by Elitecms
CVEs (16)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-30808 | Cri | 0.65 | 9.8 | 0.16 | Jun 2, 2022 | elitecms 1.0.1 is vulnerable to Arbitrary code execution via admin/manage_uploads.php. | ||
| CVE-2022-30816 | Cri | 0.64 | 9.8 | 0.01 | Jun 2, 2022 | elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_sidebar.php. | ||
| CVE-2022-30815 | Cri | 0.64 | 9.8 | 0.01 | Jun 2, 2022 | elitecms 1.01 is vulnerable to SQL Injection via admin/edit_sidebar.php?page=2&sidebar= | ||
| CVE-2022-30814 | Cri | 0.64 | 9.8 | 0.01 | Jun 2, 2022 | elitecms v1.01 is vulnerable to SQL Injection via /admin/add_sidebar.php. | ||
| CVE-2022-30813 | Cri | 0.64 | 9.8 | 0.01 | Jun 2, 2022 | elitecms 1.01 is vulnerable to SQL Injection via /admin/add_post.php. | ||
| CVE-2022-30810 | Cri | 0.64 | 9.8 | 0.01 | Jun 2, 2022 | elitecms v1.01 is vulnerable to SQL Injection via admin/edit_post.php. | ||
| CVE-2022-30809 | Cri | 0.64 | 9.8 | 0.01 | Jun 2, 2022 | elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_page.php?page=. | ||
| CVE-2022-24222 | Cri | 0.64 | 9.8 | 0.01 | Feb 1, 2022 | eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_user.php. | ||
| CVE-2022-24221 | Cri | 0.64 | 9.8 | 0.01 | Feb 1, 2022 | eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions/functions.php. | ||
| CVE-2022-24220 | Cri | 0.64 | 9.8 | 0.01 | Feb 1, 2022 | eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_post.php. | ||
| CVE-2022-24219 | Cri | 0.64 | 9.8 | 0.01 | Feb 1, 2022 | eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_page.php. | ||
| CVE-2021-46093 | Cri | 0.64 | 9.8 | 0.01 | Feb 1, 2022 | eliteCMS v1.0 is vulnerable to Insecure Permissions via manage_uploads.php. | ||
| CVE-2022-24218 | Cri | 0.61 | 9.1 | 0.17 | Feb 1, 2022 | An issue in /admin/delete_image.php of eliteCMS v1.0 allows attackers to delete arbitrary files. | ||
| CVE-2023-42331 | Hig | 0.57 | 8.8 | 0.01 | Sep 20, 2023 | A file upload vulnerability in EliteCMS v1.01 allows a remote attacker to execute arbitrary code via the manage_uploads.php component. | ||
| CVE-2022-30804 | Med | 0.42 | 6.5 | 0.01 | Jun 2, 2022 | elitecms v1.01 is vulnerable to Delete any file via /admin/delete_image.php?file=. | ||
| CVE-2008-4046 | 0.03 | — | 0.01 | Sep 11, 2008 | SQL injection vulnerability in index.php in eliteCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. |
- risk 0.65cvss 9.8epss 0.16
elitecms 1.0.1 is vulnerable to Arbitrary code execution via admin/manage_uploads.php.
- risk 0.64cvss 9.8epss 0.01
elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_sidebar.php.
- risk 0.64cvss 9.8epss 0.01
elitecms 1.01 is vulnerable to SQL Injection via admin/edit_sidebar.php?page=2&sidebar=
- risk 0.64cvss 9.8epss 0.01
elitecms v1.01 is vulnerable to SQL Injection via /admin/add_sidebar.php.
- risk 0.64cvss 9.8epss 0.01
elitecms 1.01 is vulnerable to SQL Injection via /admin/add_post.php.
- risk 0.64cvss 9.8epss 0.01
elitecms v1.01 is vulnerable to SQL Injection via admin/edit_post.php.
- risk 0.64cvss 9.8epss 0.01
elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_page.php?page=.
- risk 0.64cvss 9.8epss 0.01
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_user.php.
- risk 0.64cvss 9.8epss 0.01
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions/functions.php.
- risk 0.64cvss 9.8epss 0.01
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_post.php.
- risk 0.64cvss 9.8epss 0.01
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_page.php.
- risk 0.64cvss 9.8epss 0.01
eliteCMS v1.0 is vulnerable to Insecure Permissions via manage_uploads.php.
- risk 0.61cvss 9.1epss 0.17
An issue in /admin/delete_image.php of eliteCMS v1.0 allows attackers to delete arbitrary files.
- risk 0.57cvss 8.8epss 0.01
A file upload vulnerability in EliteCMS v1.01 allows a remote attacker to execute arbitrary code via the manage_uploads.php component.
- risk 0.42cvss 6.5epss 0.01
elitecms v1.01 is vulnerable to Delete any file via /admin/delete_image.php?file=.
- CVE-2008-4046Sep 11, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in index.php in eliteCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.