VYPR

Rhymix

by Rhymix

Source repositories

CVEs (4)

  • CVE-2018-19601CriJan 3, 2019
    risk 0.59cvss 9.1epss 0.01

    Rhymix CMS 1.9.8.1 allows SSRF via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload.

  • CVE-2025-45242HigMay 5, 2025
    risk 0.50cvss 7.7epss 0.00

    Rhymix v2.1.22 was discovered to contain an arbitrary file deletion vulnerability via the procFileAdminEditImage method in /file/file.admin.controller.php.

  • CVE-2018-19600MedJan 3, 2019
    risk 0.31cvss 4.8epss 0.01

    Rhymix CMS 1.9.8.1 allows XSS via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload.

  • CVE-2024-55089MedDec 18, 2024
    risk 0.00cvss 4.1epss 0.00

    Rhymix before 2.1.24 is vulnerable to Server-Side Request Forgery (SSRF) in the background import data function because XML documents may contain external entities.