Vulnerabilities > Chshcms > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-05-26 CVE-2022-29688 SQL Injection vulnerability in Chshcms Cscms Music Portal System 4.2
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/hy.
network
low complexity
chshcms CWE-89
6.5
6.5
2022-05-26 CVE-2022-29689 SQL Injection vulnerability in Chshcms Cscms Music Portal System 4.2
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/del.
network
low complexity
chshcms CWE-89
6.5
6.5
2022-05-04 CVE-2022-28552 SQL Injection vulnerability in Chshcms Cscms 4.1
Cscms 4.1 is vulnerable to SQL Injection.
network
low complexity
chshcms CWE-89
6.5
6.5
2022-04-15 CVE-2022-27365 SQL Injection vulnerability in Chshcms Cscms 4.2
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Dance.php_del.
network
low complexity
chshcms CWE-89
6.5
6.5
2022-04-15 CVE-2022-27366 SQL Injection vulnerability in Chshcms Cscms 4.2
Cscms Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the component dance_Dance.php_hy.
network
low complexity
chshcms CWE-89
6.5
6.5
2022-04-15 CVE-2022-27367 SQL Injection vulnerability in Chshcms Cscms 4.2
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Topic.php_del.
network
low complexity
chshcms CWE-89
6.5
6.5
2022-04-15 CVE-2022-27368 SQL Injection vulnerability in Chshcms Cscms 4.2
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Lists.php_zhuan.
network
low complexity
chshcms CWE-89
6.5
6.5
2022-04-15 CVE-2022-27369 SQL Injection vulnerability in Chshcms Cscms 4.2
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component news_News.php_hy.
network
low complexity
chshcms CWE-89
6.5
6.5
2022-03-21 CVE-2022-27090 Open Redirect vulnerability in Chshcms Cscms 4.2
Cscms Music Portal System v4.2 was discovered to contain a redirection vulnerability via the backurl parameter.
network
chshcms CWE-601
4.9
4.9
2021-12-27 CVE-2020-21238 Improper Restriction of Excessive Authentication Attempts vulnerability in Chshcms Cscms 4.0
An issue in the user login box of CSCMS v4.0 allows attackers to hijack user accounts via brute force attacks.
network
low complexity
chshcms CWE-307
5.0
5.0