Vulnerabilities > Cmswing > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-23 | CVE-2021-43735 | SQL Injection vulnerability in Cmswing 1.3.7 CmsWing 1.3.7 is affected by a SQLi vulnerability via parameter: behavior rule. | 9.8 |
| 2022-03-23 | CVE-2021-43736 | Argument Injection or Modification vulnerability in Cmswing 1.3.7 CmsWing CMS 1.3.7 is affected by a Remote Code Execution (RCE) vulnerability via parameter: log rule | 9.8 |
| 2021-02-01 | CVE-2020-20296 | SQL Injection vulnerability in Cmswing 1.3.8 An issue was found in CMSWing project version 1.3.8, Because the rechargeAction function does not check the balance parameter, malicious parameters can execute arbitrary SQL commands. | 9.8 |
| 2021-02-01 | CVE-2020-20295 | SQL Injection vulnerability in Cmswing 1.3.8 An issue was found in CMSWing project version 1.3.8. | 9.8 |
| 2021-02-01 | CVE-2020-20294 | SQL Injection vulnerability in Cmswing 1.3.8 An issue was found in CMSWing project version 1.3.8. | 9.8 |