hooskcms
by hooskcms
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-25990 | Med | 0.40 | 6.1 | 0.00 | Feb 14, 2025 | Cross Site Scripting vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php component. | ||
| CVE-2025-25991 | Med | 0.33 | 5.1 | 0.00 | Feb 14, 2025 | SQL Injection vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php component. | ||
| CVE-2025-25988 | Med | 0.31 | 4.8 | 0.00 | Feb 14, 2025 | Cross Site Scripting vulnerability in hooskcms v.1.8 allows a remote attacker to cause a denial of service via the custom Link title parameter and the Title parameter. |
- risk 0.40cvss 6.1epss 0.00
Cross Site Scripting vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php component.
- risk 0.33cvss 5.1epss 0.00
SQL Injection vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php component.
- risk 0.31cvss 4.8epss 0.00
Cross Site Scripting vulnerability in hooskcms v.1.8 allows a remote attacker to cause a denial of service via the custom Link title parameter and the Title parameter.