VYPR
Vendor

CMS

Products
3
CVEs
7
Across products
7
Status
Private

Products

3

Recent CVEs

7
  • CVE-2018-17928MedJan 31, 2019
    risk 0.42cvss 6.5epss 0.01

    The product CMS-770 (Software Versions 1.7.1 and prior)is vulnerable that an attacker can read sensitive configuration files by bypassing the user authentication mechanism.

  • CVE-2021-4328MedMar 2, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability has been found in 狮子鱼CMS and classified as critical. Affected by this vulnerability is the function goods_detail of the file ApiController.class.php. The manipulation of the argument goods_id leads to sql injection. The attack can be launched remotely. The…

  • CVE-2010-4899Oct 8, 2011
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in c.php in CMS WebManager-Pro before 8.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.

  • CVE-2009-0493Feb 10, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in login.php in IT!CMS 2.1a and earlier allows remote attackers to execute arbitrary SQL commands via the Username.

  • CVE-2008-2351May 20, 2008
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in index.php in CMS WebManager-Pro allow remote attackers to execute arbitrary SQL commands via the (1) lang_id and (2) menu_id parameters.

  • CVE-2008-2192May 14, 2008
    risk 0.03cvss epss 0.04

    Static code injection vulnerability in box/minichat/boxpop.php in IT!CMS (aka itcms) 1.9 allows remote attackers to inject arbitrary PHP code into box/MiniChat/data/shouts.php via the shout parameter.

  • CVE-2007-4115Jul 31, 2007
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in IT!CMS (itcms) 0.2 allow remote attackers to inject arbitrary web script or HTML via the wndtitle parameter to (1) lang-en.php, (2) menu-ed.php, or (3) titletext-ed.php.