RSS   Podatności dla 'Csz cms'   RSS

2022-04-12
 
CVE-2022-27161

CWE-89
 

 
Csz Cms 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Members_viewUsers

 
 
CVE-2022-27162

CWE-89
 

 
CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Members_editUser

 
 
CVE-2022-27163

CWE-89
 

 
CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_editUser

 
 
CVE-2022-27164

CWE-89
 

 
CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_viewUsers

 
 
CVE-2022-27165

CWE-89
 

 
CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Plugin_manager_setstatus

 
2022-03-29
 
CVE-2021-43701

CWE-89
 

 
CSZ CMS 1.2.9 has a Time and Boolean-based Blind SQL Injection vulnerability in the endpoint /admin/export/getcsv/article_db, via the fieldS[] and orderby parameters.

 
2021-10-27
 
CVE-2020-21250

CWE-89
 

 
CSZ CMS v1.2.4 was discovered to contain an arbitrary file upload vulnerability in the component /core/MY_Security.php.

 
2021-07-09
 
CVE-2020-25391

CWE-79
 

 
A cross site scripting vulnerability in CSZ CMS 1.2.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'New Pages' field under the 'Pages Content' module.

 
 
CVE-2020-25392

CWE-79
 

 
A cross site scripting (XSS) vulnerability in CSZ CMS 1.2.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'New Article' field under the 'Article' plugin.

 
2021-03-11
 
CVE-2021-26776

CWE-79
 

 
CSZ CMS 1.2.9 is affected by a cross-site scripting (XSS) vulnerability in multiple pages through the field name.

 


Copyright 2024, cxsecurity.com

 

Back to Top