Vendor

caokang

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	CVSS	Published	Description
CVE-2019-3577	caokang Waimai Super Cms	—	Jan 2, 2019	An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/ProductAction.class.php allows blind SQL Injection via the id[0] parameter to the /product URI.
CVE-2018-18622	caokang Waimai Super Cms	—	Oct 23, 2018	An issue was discovered in Waimai Super Cms 20150505. There is XSS via the index.php?m=public&a=doregister username parameter.
CVE-2018-14014	caokang Waimai Super Cms	—	Jul 12, 2018	In waimai Super Cms 20150505, there is a CSRF vulnerability that can add an admin account via admin.php?m=Member&a=adminadd.

CVE-2019-3577Jan 2, 2019
caokang
Waimai Super Cms
risk 0.00cvss —epss 0.00
An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/ProductAction.class.php allows blind SQL Injection via the id[0] parameter to the /product URI.
CVE-2018-18622Oct 23, 2018
caokang
Waimai Super Cms
risk 0.00cvss —epss 0.00
An issue was discovered in Waimai Super Cms 20150505. There is XSS via the index.php?m=public&a=doregister username parameter.
CVE-2018-14014Jul 12, 2018
caokang
Waimai Super Cms
risk 0.00cvss —epss 0.00
In waimai Super Cms 20150505, there is a CSRF vulnerability that can add an admin account via admin.php?m=Member&a=adminadd.