Filtered by vendor Ed01-cms Project Subscriptions
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-30890 1 Ed01-cms Project 1 Ed01-cms 2024-11-21 4.7 Medium
Cross Site Scripting vulnerability in ED01-CMS v.1.0 allows an attacker to obtain sensitive information via the categories.php component.
CVE-2022-28525 1 Ed01-cms Project 1 Ed01-cms 2024-11-21 8.8 High
ED01-CMS v20180505 was discovered to contain an arbitrary file upload vulnerability via /admin/users.php?source=edit_user&id=1.
CVE-2022-28524 1 Ed01-cms Project 1 Ed01-cms 2024-11-21 9.8 Critical
ED01-CMS v20180505 was discovered to contain a SQL injection vulnerability via the component post.php.
CVE-2020-18262 1 Ed01-cms Project 1 Ed01-cms 2024-11-21 9.8 Critical
ED01-CMS v1.0 was discovered to contain a SQL injection in the component cposts.php via the cid parameter.
CVE-2020-18261 1 Ed01-cms Project 1 Ed01-cms 2024-11-21 9.8 Critical
An arbitrary file upload vulnerability in the image upload function of ED01-CMS v1.0 allows attackers to execute arbitrary commands.
CVE-2020-18259 1 Ed01-cms Project 1 Ed01-cms 2024-11-21 6.1 Medium
ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting (XSS) vulnerability in the component sposts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Post title or Post content fields.