Vulnerabilities > Bosscms

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-30	CVE-2024-22938	Incorrect Authorization vulnerability in Bosscms 1.3.0 Insecure Permissions vulnerability in BossCMS v.1.3.0 allows a local attacker to execute arbitrary code and escalate privileges via the init function in admin.class.php component. local low complexity bosscms CWE-863	7.8
2022-11-28	CVE-2022-44937	Cross-Site Request Forgery (CSRF) vulnerability in Bosscms 2.0.0 Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Add function under the Administrator List module. network low complexity bosscms CWE-352	6.5
2022-05-05	CVE-2022-28606	Unrestricted Upload of File with Dangerous Type vulnerability in Bosscms 1.0.0 An arbitrary file upload vulnerability exists in Wenzhou Huoyin Information Technology Co., Ltd. network low complexity bosscms CWE-434 critical	9.8

Vulnerabilities > Bosscms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Bosscms"}]}