Vulnerabilities > 8Cms

DATE CVE VULNERABILITY TITLE RISK
2023-06-20 CVE-2020-20735 Unrestricted Upload of File with Dangerous Type vulnerability in 8Cms Ljcms 4.3.R60321
File Upload vulnerability in LJCMS v.4.3.R60321 allows a remote attacker to execute arbitrary code via the ljcms/index.php parameter.
network
low complexity
8cms CWE-434
critical
9.8
2021-12-27 CVE-2020-21237 Improper Restriction of Excessive Authentication Attempts vulnerability in 8Cms Ljcms 1.11
An issue in the user login box of LJCMS v1.11 allows attackers to hijack user accounts via brute force attacks.
network
low complexity
8cms CWE-307
5.0
2021-08-12 CVE-2020-20979 Unrestricted Upload of File with Dangerous Type vulnerability in 8Cms Ljcms 4.3.
An arbitrary file upload vulnerability in the move_uploaded_file() function of LJCMS v4.3 allows attackers to execute arbitrary code.
network
low complexity
8cms CWE-434
7.5
2021-07-08 CVE-2020-20583 SQL Injection vulnerability in 8Cms Ljcms 4.3.R60321
A SQL injection vulnerability in /question.php of LJCMS Version v4.3.R60321 allows attackers to obtain sensitive database information.
network
low complexity
8cms CWE-89
5.0