VYPR

damicms

by AutismJH

CVEs (2)

  • CVE-2020-18458HigAug 12, 2021
    risk 0.52cvss 8.0epss 0.00

    Cross Site Request Forgery (CSRF) vulnerability exists in DamiCMS v6.0.6 that can add an admin account via admin.php?s=/Admin/doadd.

  • CVE-2020-18451MedAug 12, 2021
    risk 0.31cvss 4.8epss 0.01

    Cross Site Scripting (XSS) vulnerability exists in DamiCMS v6.0.6 via the title parameter in the doadd function in LabelAction.class.php.