Vulnerabilities > Chshcms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-28 | CVE-2023-26782 | Code Injection vulnerability in Chshcms Mccms 2.6.1 An issue discovered in mccms 2.6.1 allows remote attackers to cause a denial of service via Backend management interface ->System Configuration->Cache Configuration->Cache security characters. | 6.5 |
| 2022-06-09 | CVE-2022-30898 | Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.2 A Cross-site request forgery (CSRF) vulnerability in Cscms music portal system v4.2 allows remote attackers to change the administrator's username and password. | 6.5 |
| 2022-03-21 | CVE-2022-27090 | Open Redirect vulnerability in Chshcms Cscms 4.2 Cscms Music Portal System v4.2 was discovered to contain a redirection vulnerability via the backurl parameter. | 5.4 |
| 2019-03-07 | CVE-2019-9598 | Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.1 An issue was discovered in Cscms 4.1.0. | 6.5 |
| 2018-09-08 | CVE-2018-16730 | Cross-site Scripting vulnerability in Chshcms Cscms 4.1 \upload\plugins\sys\Install.php in CScms 4.1 has XSS via the site name. | 6.1 |
| 2018-09-02 | CVE-2018-16337 | Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.1.8 An issue was discovered in Cscms V4.1.8. | 6.5 |