VYPR
Vendor

ED01-CMS

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2022-28524CriApr 26, 2022
    risk 0.64cvss 9.8epss 0.01

    ED01-CMS v20180505 was discovered to contain a SQL injection vulnerability via the component post.php.

  • CVE-2020-18262CriNov 3, 2021
    risk 0.64cvss 9.8epss 0.01

    ED01-CMS v1.0 was discovered to contain a SQL injection in the component cposts.php via the cid parameter.

  • CVE-2020-18261CriNov 3, 2021
    risk 0.64cvss 9.8epss 0.01

    An arbitrary file upload vulnerability in the image upload function of ED01-CMS v1.0 allows attackers to execute arbitrary commands.

  • CVE-2022-28525HigApr 26, 2022
    risk 0.57cvss 8.8epss 0.01

    ED01-CMS v20180505 was discovered to contain an arbitrary file upload vulnerability via /admin/users.php?source=edit_user&id=1.

  • CVE-2020-18259MedNov 3, 2021
    risk 0.40cvss 6.1epss 0.01

    ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting (XSS) vulnerability in the component sposts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Post title or Post content fields.

  • CVE-2024-30890MedApr 25, 2024
    risk 0.31cvss 4.7epss 0.00

    Cross Site Scripting vulnerability in ED01-CMS v.1.0 allows an attacker to obtain sensitive information via the categories.php component.