Vendor
loadream
Products
1
CVEs
5
Across products
5
Status
Private
Products
1- 5 CVEs
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-45550 | Cri | 0.64 | 9.8 | 0.01 | Dec 7, 2022 | AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE). | ||
| CVE-2022-43074 | Cri | 0.64 | 9.8 | 0.01 | Nov 10, 2022 | AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | ||
| CVE-2022-45548 | Hig | 0.57 | 8.8 | 0.01 | Dec 6, 2022 | AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability. | ||
| CVE-2020-23686 | Hig | 0.57 | 8.8 | 0.01 | Nov 2, 2021 | Cross site request forgery (CSRF) vulnerability in AyaCMS 3.1.2 allows attackers to change an administrators password or other unspecified impacts. | ||
| CVE-2021-44238 | Hig | 0.47 | 7.2 | 0.02 | Mar 1, 2022 | AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE) via /aya/module/admin/ust_tab_e.inc.php, |
- risk 0.64cvss 9.8epss 0.01
AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE).
- risk 0.64cvss 9.8epss 0.01
AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
- risk 0.57cvss 8.8epss 0.01
AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability.
- risk 0.57cvss 8.8epss 0.01
Cross site request forgery (CSRF) vulnerability in AyaCMS 3.1.2 allows attackers to change an administrators password or other unspecified impacts.
- risk 0.47cvss 7.2epss 0.02
AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE) via /aya/module/admin/ust_tab_e.inc.php,