VYPR
Vendor

Bootstrap CMS

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2019-25642HigMar 24, 2026
    risk 0.53cvss 8.2epss 0.00

    Bootstrapy CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters. Attackers can inject SQL payloads into the thread_id parameter of forum-thread.php, the…

  • CVE-2026-7508MedApr 30, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in Bootstrap CMS 0.9.0-alpha. Affected is an unknown function of the file resources/views/pages/show.blade.php of the component Page Creation Handler. Performing a manipulation of the argument body results in code injection. Remote exploitation of the…

  • CVE-2022-26624MedApr 8, 2022
    risk 0.40cvss 6.1epss 0.01

    Bootstrap v3.1.11 and v3.3.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the Title parameter in /vendor/views/add_product.php.

  • CVE-2020-13890MedJun 6, 2020
    risk 0.35cvss 5.4epss 0.01

    The Neon theme 2.0 before 2020-06-03 for Bootstrap allows XSS via an Add Task Input operation in a dashboard.