VYPR

Nuuo CMS

by Nuuo

CVEs (5)

  • CVE-2018-17888Oct 12, 2018
    risk 0.06cvss epss 0.30

    NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow attackers to obtain the active session ID, which could allow arbitrary remote code execution.

  • CVE-2022-25521Mar 29, 2022
    risk 0.00cvss epss 0.02

    NUUO v03.11.00 was discovered to contain access control issue.

  • CVE-2018-17890Oct 12, 2018
    risk 0.00cvss epss 0.03

    NUUO CMS all versions 3.1 and prior, The application uses insecure and outdated software components for functionality, which could allow arbitrary code execution.

  • CVE-2018-17892Oct 12, 2018
    risk 0.00cvss epss 0.03

    NUUO CMS all versions 3.1 and prior, The application implements a method of user account control that causes standard account security features to not be utilized as intended, which could allow user account compromise and may allow for remote code execution.

  • CVE-2018-17894Oct 12, 2018
    risk 0.00cvss epss 0.02

    NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard-coded passwords, which could allow an attacker to gain privileged access.