Vulnerabilities > Ayacms Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-27	CVE-2022-48116	Unspecified vulnerability in Ayacms Project Ayacms 3.1.2 AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/tpl_edit.inc.php. network low complexity ayacms-project	7.2
2022-12-22	CVE-2022-46101	Code Injection vulnerability in Ayacms Project Ayacms 3.1.2 AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting malicious code. network low complexity ayacms-project CWE-94	8.8
2022-12-22	CVE-2022-46102	Unrestricted Upload of File with Dangerous Type vulnerability in Ayacms Project Ayacms 3.1.2 AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/admin/fst_down.inc.php network low complexity ayacms-project CWE-434 critical	9.8
2022-12-22	CVE-2022-47926	Argument Injection or Modification vulnerability in Ayacms Project Ayacms 3.1.2 AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php network low complexity ayacms-project CWE-88 critical	9.8
2022-12-07	CVE-2022-45550	Unspecified vulnerability in Ayacms Project Ayacms 3.1.2 AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE). network low complexity ayacms-project critical	9.8
2022-12-06	CVE-2022-45548	Unrestricted Upload of File with Dangerous Type vulnerability in Ayacms Project Ayacms 3.1.2 AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability. network low complexity ayacms-project CWE-434	8.8
2022-11-10	CVE-2022-43074	Unrestricted Upload of File with Dangerous Type vulnerability in Ayacms Project Ayacms 3.1.2 AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. network low complexity ayacms-project CWE-434 critical	9.8
2022-03-01	CVE-2021-44238	Code Injection vulnerability in Ayacms Project Ayacms 3.1.2 AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE) via /aya/module/admin/ust_tab_e.inc.php, network low complexity ayacms-project CWE-94	6.5
2021-11-02	CVE-2020-23686	Cross-Site Request Forgery (CSRF) vulnerability in Ayacms Project Ayacms 3.1.2 Cross site request forgery (CSRF) vulnerability in AyaCMS 3.1.2 allows attackers to change an administrators password or other unspecified impacts. network ayacms-project CWE-352	6.8

Vulnerabilities > Ayacms Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Ayacms Project"}]}

Vulnerabilities > Ayacms Project