Vulnerabilities > Cskaza

DATE CVE VULNERABILITY TITLE RISK
2023-11-27 CVE-2023-6302 Unspecified vulnerability in Cskaza Cszcms 1.3.0
A vulnerability was found in CSZCMS 1.3.0 and classified as critical.
network
low complexity
cskaza
7.2
2023-11-27 CVE-2023-6303 Unspecified vulnerability in Cskaza Cszcms 1.3.0
A vulnerability was found in CSZCMS 1.3.0.
network
low complexity
cskaza
4.8
2023-09-16 CVE-2023-41436 Cross-site Scripting vulnerability in Cskaza Cszcms 1.3.0
Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component.
network
low complexity
cskaza CWE-79
5.4
2023-08-11 CVE-2020-36136 SQL Injection vulnerability in Cskaza Cszcms 1.2.9
SQL Injection vulnerability in cskaza cszcms version 1.2.9, allows attackers to gain sensitive information via pm_sendmail parameter in csz_model.php.
network
low complexity
cskaza CWE-89
7.5
2023-08-09 CVE-2023-34545 SQL Injection vulnerability in Cskaza Cszcms 1.3.0
A SQL injection vulnerability in CSZCMS 1.3.0 allows remote attackers to run arbitrary SQL commands via p parameter or the search URL.
network
low complexity
cskaza CWE-89
critical
9.8
2022-01-27 CVE-2021-46377 SQL Injection vulnerability in Cskaza Cszcms 1.2.9
There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.php#viewUser
network
low complexity
cskaza CWE-89
critical
9.8