VYPR

ABO.CMS

by ABO.CMS

CVEs (4)

  • CVE-2024-25227CriMar 15, 2024
    risk 0.64cvss 9.8epss 0.01

    SQL Injection vulnerability in ABO.CMS version 5.8, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via the tb_login parameter in admin login page.

  • CVE-2023-46953CriJan 6, 2024
    risk 0.64cvss 9.8epss 0.01

    SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module.

  • CVE-2021-37787MedMar 11, 2025
    risk 0.42cvss 6.5epss 0.00

    The unprivileged administrative interface in ABO.CMS version 5.8 through v.5.9.3 is affected by a SQL Injection vulnerability via a HTTP POST request to the TinyMCE module

  • CVE-2023-46952MedJan 17, 2024
    risk 0.40cvss 6.1epss 0.01

    Cross Site Scripting vulnerability in ABO.CMS v.5.9.3 allows an attacker to execute arbitrary code via a crafted payload to the Referer header.