Kai Content Management System
Products
1- 5 CVEs
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-26615 | Med | 0.35 | 5.4 | 0.01 | Apr 5, 2022 | A cross-site scripting (XSS) vulnerability in College Website Content Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the User Profile Name text fields. | ||
| CVE-2012-3791 | 0.03 | — | 0.01 | Jun 21, 2012 | Multiple SQL injection vulnerabilities in Simple Web Content Management System 1.1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) item_delete.php, (2) item_status.php, (3) item_detail.php, (4) item_modify.php, or (5) item_position.php in… | |||
| CVE-2009-0330 | 0.03 | — | 0.02 | Jan 29, 2009 | Directory traversal vulnerability in index.php in Simple Content Management System (SCMS) 1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter. | |||
| CVE-2008-2186 | 0.03 | — | 0.04 | May 13, 2008 | Cross-site scripting (XSS) vulnerability in index.php in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | |||
| CVE-2007-2106 | 0.00 | — | 0.01 | Apr 18, 2007 | Directory traversal vulnerability in index.php in Kai Content Management System (K-CMS) 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the current_theme parameter. |
- risk 0.35cvss 5.4epss 0.01
A cross-site scripting (XSS) vulnerability in College Website Content Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the User Profile Name text fields.
- CVE-2012-3791Jun 21, 2012risk 0.03cvss —epss 0.01
Multiple SQL injection vulnerabilities in Simple Web Content Management System 1.1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) item_delete.php, (2) item_status.php, (3) item_detail.php, (4) item_modify.php, or (5) item_position.php in…
- CVE-2009-0330Jan 29, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in index.php in Simple Content Management System (SCMS) 1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter.
- CVE-2008-2186May 13, 2008risk 0.03cvss —epss 0.04
Cross-site scripting (XSS) vulnerability in index.php in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
- CVE-2007-2106Apr 18, 2007risk 0.00cvss —epss 0.01
Directory traversal vulnerability in index.php in Kai Content Management System (K-CMS) 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the current_theme parameter.