VYPR
Vendor

loadream

Products
1
CVEs
5
Across products
5
Status
Private

Products

1

Recent CVEs

5
  • CVE-2022-45550CriDec 7, 2022
    risk 0.64cvss 9.8epss 0.01

    AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE).

  • CVE-2022-43074CriNov 10, 2022
    risk 0.64cvss 9.8epss 0.01

    AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

  • CVE-2022-45548HigDec 6, 2022
    risk 0.57cvss 8.8epss 0.01

    AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability.

  • CVE-2020-23686HigNov 2, 2021
    risk 0.57cvss 8.8epss 0.01

    Cross site request forgery (CSRF) vulnerability in AyaCMS 3.1.2 allows attackers to change an administrators password or other unspecified impacts.

  • CVE-2021-44238HigMar 1, 2022
    risk 0.47cvss 7.2epss 0.02

    AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE) via /aya/module/admin/ust_tab_e.inc.php,