VYPR
Vendor

AquilaCMS

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2024-48573CriOct 29, 2024
    risk 0.67cvss 9.8epss 0.01

    A NoSQL injection vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to reset user and administrator account passwords via the "Reset password" feature.

  • CVE-2025-0465HigJan 14, 2025
    risk 0.48cvss 7.3epss 0.01

    A vulnerability was found in AquilaCMS 1.412.13. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/v2/categories. The manipulation of the argument PostBody.populate leads to deserialization. The attack may be launched remotely.…

  • CVE-2024-48572MedOct 29, 2024
    risk 0.34cvss 5.3epss 0.00

    A User enumeration vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to obtain email addresses via the "Add a user" feature. The vulnerability occurs due to insufficiently validated user input being processed as a regular expression, which is then…