Vulnerabilities > Chshcms > Cscms > 4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-27 | CVE-2020-21238 | Improper Restriction of Excessive Authentication Attempts vulnerability in Chshcms Cscms 4.0 An issue in the user login box of CSCMS v4.0 allows attackers to hijack user accounts via brute force attacks. | 5.0 |
| 2018-09-04 | CVE-2018-16448 | Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.0 Cscms 4 allows CSRF for creating a member via upload/admin.php/user/save, authenticating vip members via upload/admin.php/user/init/tid and upload/admin.php/user/init/rzid, and creating a super administrator and web editor via upload/admin.php/sys/save. | 6.8 |