Vulnerabilities > Chshcms

DATE CVE VULNERABILITY TITLE RISK
2022-05-04 CVE-2022-28552 SQL Injection vulnerability in Chshcms Cscms 4.1
Cscms 4.1 is vulnerable to SQL Injection.
network
low complexity
chshcms CWE-89
6.5
2022-04-15 CVE-2022-27365 SQL Injection vulnerability in Chshcms Cscms 4.2
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Dance.php_del.
network
low complexity
chshcms CWE-89
6.5
2022-04-15 CVE-2022-27366 SQL Injection vulnerability in Chshcms Cscms 4.2
Cscms Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the component dance_Dance.php_hy.
network
low complexity
chshcms CWE-89
6.5
2022-04-15 CVE-2022-27367 SQL Injection vulnerability in Chshcms Cscms 4.2
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Topic.php_del.
network
low complexity
chshcms CWE-89
6.5
2022-04-15 CVE-2022-27368 SQL Injection vulnerability in Chshcms Cscms 4.2
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Lists.php_zhuan.
network
low complexity
chshcms CWE-89
6.5
2022-04-15 CVE-2022-27369 SQL Injection vulnerability in Chshcms Cscms 4.2
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component news_News.php_hy.
network
low complexity
chshcms CWE-89
6.5
2022-03-21 CVE-2022-27090 Open Redirect vulnerability in Chshcms Cscms 4.2
Cscms Music Portal System v4.2 was discovered to contain a redirection vulnerability via the backurl parameter.
network
chshcms CWE-601
4.9
2022-01-11 CVE-2020-28102 SQL Injection vulnerability in Chshcms Cscms 4.1
cscms v4.1 allows for SQL injection via the "js_del" function.
network
low complexity
chshcms CWE-89
7.5
2022-01-11 CVE-2020-28103 SQL Injection vulnerability in Chshcms Cscms 4.1
cscms v4.1 allows for SQL injection via the "page_del" function.
network
low complexity
chshcms CWE-89
7.5
2021-12-27 CVE-2020-21238 Improper Restriction of Excessive Authentication Attempts vulnerability in Chshcms Cscms 4.0
An issue in the user login box of CSCMS v4.0 allows attackers to hijack user accounts via brute force attacks.
network
low complexity
chshcms CWE-307
5.0