VYPR
Vendor

Lunarcms

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2024-3507HigMay 8, 2024
    risk 0.50cvss 7.7epss 0.00

    Improper privilege management vulnerability in Lunar software that affects versions 6.0.2 through 6.6.0. This vulnerability allows an attacker to perform a secondary process injection into the Lunar application and abuse those rights to access sensitive user information.

  • CVE-2014-4718Jul 3, 2014
    risk 0.03cvss epss 0.02

    Multiple cross-site request forgery (CSRF) vulnerabilities in Lunar CMS before 3.3-3 allow remote attackers to hijack the authentication of administrators for requests that (1) add Super users via a request to admin/user_create.php or conduct cross-site scripting (XSS) attacks…