VYPR
Vendor

CMSUno

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2021-40889CriOct 11, 2021
    risk 0.64cvss 9.8epss 0.02

    CMSUno version 1.7.2 is affected by a PHP code execution vulnerability. sauvePass action in {webroot}/uno/central.php file calls to file_put_contents() function to write username in password.php file when a user successfully changed their password. The attacker can inject…

  • CVE-2021-36654MedAug 3, 2021
    risk 0.38cvss 5.4epss 0.02

    CMSuno 1.7 is vulnerable to an authenticated stored cross site scripting in modifying the filename parameter (tgo) while updating the theme.