VYPR

cxuucms

by CXUUCMS

CVEs (3)

  • CVE-2020-28091HigNov 18, 2020
    risk 0.52cvss 7.5epss 0.04

    cxuucms v3 has a SQL injection vulnerability, which can lead to the leakage of all database data via the keywords parameter via search.php.

  • CVE-2021-3264HigAug 27, 2021
    risk 0.47cvss 7.2epss 0.01

    SQL Injection vulnerability in cxuucms 3.1 ivia the pid parameter in public/admin.php.

  • CVE-2021-42970MedMar 29, 2022
    risk 0.40cvss 6.1epss 0.01

    Cross Site Scripting (XSS) vulnerability exists in cxuucms v3 via the imgurl of /feedback/post/ content parameter.