Nuuo Cms
Sign in to watchby Nuuo
CVEs (4)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-17888 | 0.06 | — | 0.41 | Oct 12, 2018 | NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow attackers to obtain the active session ID, which could allow arbitrary remote code execution. | ||
| CVE-2018-17890 | 0.00 | — | 0.01 | Oct 12, 2018 | NUUO CMS all versions 3.1 and prior, The application uses insecure and outdated software components for functionality, which could allow arbitrary code execution. | ||
| CVE-2018-17892 | 0.00 | — | 0.04 | Oct 12, 2018 | NUUO CMS all versions 3.1 and prior, The application implements a method of user account control that causes standard account security features to not be utilized as intended, which could allow user account compromise and may allow for remote code execution. | ||
| CVE-2018-17894 | 0.00 | — | 0.01 | Oct 12, 2018 | NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard-coded passwords, which could allow an attacker to gain privileged access. |