VYPR

PHP-CMS

by PHP CMS

CVEs (4)

  • CVE-2022-26613CriApr 6, 2022
    risk 0.64cvss 9.8epss 0.01

    PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability via the category parameter in categorymenu.php.

  • CVE-2018-18887CriNov 1, 2018
    risk 0.64cvss 9.8epss 0.01

    S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type parameter (aka the $N_type field).

  • CVE-2020-18263HigNov 3, 2021
    risk 0.49cvss 7.5epss 0.01

    PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability in the component search.php via the search parameter. This vulnerability allows attackers to access sensitive database information.

  • CVE-2020-20699MedJul 30, 2021
    risk 0.31cvss 4.8epss 0.01

    A cross site scripting (XSS) vulnerability in S-CMS PHP v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Copyright text box under Basic Settings.