Vendor

Cuppacms

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	CVSS	Published	Description
CVE-2018-19918	Cuppacms Cuppacms	—	Dec 31, 2018	CuppaCMS has XSS via an SVG document uploaded to the administrator/#/component/table_manager/view/cu_views URI.
CVE-2018-19559	Cuppacms Cuppacms	—	Nov 26, 2018	CuppaCMS before 2018-11-12 has SQL Injection in administrator/classes/ajax/functions.php via the reference_id parameter.
CVE-2018-17300	Cuppacms Cuppacms	—	Sep 21, 2018	Stored XSS exists in CuppaCMS through 2018-09-03 via an administrator/#/component/table_manager/view/cu_menus section name.

CVE-2018-19918Dec 31, 2018
Cuppacms
Cuppacms
risk 0.00cvss —epss 0.00
CuppaCMS has XSS via an SVG document uploaded to the administrator/#/component/table_manager/view/cu_views URI.
CVE-2018-19559Nov 26, 2018
Cuppacms
Cuppacms
risk 0.00cvss —epss 0.00
CuppaCMS before 2018-11-12 has SQL Injection in administrator/classes/ajax/functions.php via the reference_id parameter.
CVE-2018-17300Sep 21, 2018
Cuppacms
Cuppacms
risk 0.00cvss —epss 0.00
Stored XSS exists in CuppaCMS through 2018-09-03 via an administrator/#/component/table_manager/view/cu_menus section name.