VYPR
Vendor

Kiamo

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2025-70364HigApr 9, 2026
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered in Kiamo before 8.4 allowing authenticated administrative attackers to execute arbitrary PHP code on the server. NOTE: the Supplier's position is that this is "a historical and intended administrative feature of the product, accessible only to already…

  • CVE-2025-70365MedApr 9, 2026
    risk 0.28cvss 5.4epss 0.00

    A stored cross-site scripting (XSS) vulnerability exists in Kiamo before 8.4 due to improper output encoding of user-supplied input in administrative interfaces. An authenticated administrative user can inject arbitrary JavaScript code that is executed in the browser of users…