Vulnerabilities > Chshcms > Cscms > 4.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-09 | CVE-2022-30898 | Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.2 A Cross-site request forgery (CSRF) vulnerability in Cscms music portal system v4.2 allows remote attackers to change the administrator's username and password. | 4.3 |
| 2022-04-15 | CVE-2022-27365 | SQL Injection vulnerability in Chshcms Cscms 4.2 Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Dance.php_del. | 6.5 |
| 2022-04-15 | CVE-2022-27366 | SQL Injection vulnerability in Chshcms Cscms 4.2 Cscms Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the component dance_Dance.php_hy. | 6.5 |
| 2022-04-15 | CVE-2022-27367 | SQL Injection vulnerability in Chshcms Cscms 4.2 Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Topic.php_del. | 6.5 |
| 2022-04-15 | CVE-2022-27368 | SQL Injection vulnerability in Chshcms Cscms 4.2 Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Lists.php_zhuan. | 6.5 |
| 2022-04-15 | CVE-2022-27369 | SQL Injection vulnerability in Chshcms Cscms 4.2 Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component news_News.php_hy. | 6.5 |
| 2022-03-21 | CVE-2022-27090 | Open Redirect vulnerability in Chshcms Cscms 4.2 Cscms Music Portal System v4.2 was discovered to contain a redirection vulnerability via the backurl parameter. | 4.9 |