Vulnerabilities > Cusg

DATE CVE VULNERABILITY TITLE RISK
2024-02-14 CVE-2023-48985 Cross-site Scripting vulnerability in Cusg Content Management System
Cross Site Scripting (XSS) vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the login.php component.
network
low complexity
cusg CWE-79
6.1
6.1
2024-02-14 CVE-2023-48986 Cross-site Scripting vulnerability in Cusg Content Management System
Cross Site Scripting (XSS) vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the users.php component.
network
low complexity
cusg CWE-79
6.1
6.1
2024-02-14 CVE-2023-48987 SQL Injection vulnerability in Cusg Content Management System
Blind SQL Injection vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the pages.php component.
network
low complexity
cusg CWE-89
7.5
7.5