Vulnerabilities > Chshcms > Cscms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-09 | CVE-2022-30898 | Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.2 A Cross-site request forgery (CSRF) vulnerability in Cscms music portal system v4.2 allows remote attackers to change the administrator's username and password. | 4.3 |
| 2022-05-04 | CVE-2022-28552 | SQL Injection vulnerability in Chshcms Cscms 4.1 Cscms 4.1 is vulnerable to SQL Injection. | 6.5 |
| 2022-04-15 | CVE-2022-27365 | SQL Injection vulnerability in Chshcms Cscms 4.2 Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Dance.php_del. | 6.5 |
| 2022-04-15 | CVE-2022-27366 | SQL Injection vulnerability in Chshcms Cscms 4.2 Cscms Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the component dance_Dance.php_hy. | 6.5 |
| 2022-04-15 | CVE-2022-27367 | SQL Injection vulnerability in Chshcms Cscms 4.2 Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Topic.php_del. | 6.5 |
| 2022-04-15 | CVE-2022-27368 | SQL Injection vulnerability in Chshcms Cscms 4.2 Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Lists.php_zhuan. | 6.5 |
| 2022-04-15 | CVE-2022-27369 | SQL Injection vulnerability in Chshcms Cscms 4.2 Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component news_News.php_hy. | 6.5 |
| 2022-03-21 | CVE-2022-27090 | Open Redirect vulnerability in Chshcms Cscms 4.2 Cscms Music Portal System v4.2 was discovered to contain a redirection vulnerability via the backurl parameter. | 4.9 |
| 2021-12-27 | CVE-2020-21238 | Improper Restriction of Excessive Authentication Attempts vulnerability in Chshcms Cscms 4.0 An issue in the user login box of CSCMS v4.0 allows attackers to hijack user accounts via brute force attacks. | 5.0 |
| 2019-03-07 | CVE-2019-9598 | Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.1 An issue was discovered in Cscms 4.1.0. | 4.3 |