Vulnerabilities > Cskaza
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-27 | CVE-2023-6302 | Unspecified vulnerability in Cskaza Cszcms 1.3.0 A vulnerability was found in CSZCMS 1.3.0 and classified as critical. | 7.2 |
2023-11-27 | CVE-2023-6303 | Unspecified vulnerability in Cskaza Cszcms 1.3.0 A vulnerability was found in CSZCMS 1.3.0. | 4.8 |
2023-09-16 | CVE-2023-41436 | Cross-site Scripting vulnerability in Cskaza Cszcms 1.3.0 Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component. | 5.4 |
2023-08-11 | CVE-2020-36136 | SQL Injection vulnerability in Cskaza Cszcms 1.2.9 SQL Injection vulnerability in cskaza cszcms version 1.2.9, allows attackers to gain sensitive information via pm_sendmail parameter in csz_model.php. | 7.5 |
2023-08-09 | CVE-2023-34545 | SQL Injection vulnerability in Cskaza Cszcms 1.3.0 A SQL injection vulnerability in CSZCMS 1.3.0 allows remote attackers to run arbitrary SQL commands via p parameter or the search URL. | 9.8 |
2022-01-27 | CVE-2021-46377 | SQL Injection vulnerability in Cskaza Cszcms 1.2.9 There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.php#viewUser | 9.8 |