VYPR
Vendor

DuomiCMS

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2018-18084CriOct 9, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in DuomiCMS 3.0. SQL injection exists in the ajax.php file, as demonstrated by the uid parameter.

  • CVE-2018-18083CriOct 9, 2018
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing.