Vendor
daicuocms
Products
2
CVEs
3
Across products
3
Status
Private
Products
2- 2 CVEs
- 1 CVE
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-6865 | Med | 0.28 | 4.3 | 0.00 | Jun 29, 2025 | A vulnerability, which was classified as problematic, was found in DaiCuo up to 1.3.13. This affects an unknown part of the file /admin.php/addon/index. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||
| CVE-2025-61194 | 0.00 | — | 0.00 | Oct 21, 2025 | daicuocms V1.3.13 contains a SQL injection vulnerability in the file library\think\db\Builder.php. | |||
| CVE-2025-61181 | 0.00 | — | 0.00 | Oct 21, 2025 | daicuocms V1.3.13 contains an arbitrary file upload vulnerability in the image upload feature. |
- risk 0.28cvss 4.3epss 0.00
A vulnerability, which was classified as problematic, was found in DaiCuo up to 1.3.13. This affects an unknown part of the file /admin.php/addon/index. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
- CVE-2025-61194Oct 21, 2025risk 0.00cvss —epss 0.00
daicuocms V1.3.13 contains a SQL injection vulnerability in the file library\think\db\Builder.php.
- CVE-2025-61181Oct 21, 2025risk 0.00cvss —epss 0.00
daicuocms V1.3.13 contains an arbitrary file upload vulnerability in the image upload feature.