VYPR

hooskcms

by hooskcms

CVEs (3)

  • CVE-2025-25990MedFeb 14, 2025
    risk 0.40cvss 6.1epss 0.00

    Cross Site Scripting vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php component.

  • CVE-2025-25991MedFeb 14, 2025
    risk 0.33cvss 5.1epss 0.00

    SQL Injection vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php component.

  • CVE-2025-25988MedFeb 14, 2025
    risk 0.31cvss 4.8epss 0.00

    Cross Site Scripting vulnerability in hooskcms v.1.8 allows a remote attacker to cause a denial of service via the custom Link title parameter and the Title parameter.