Vulnerabilities > Damicms > Damicms > 6.0.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-12 | CVE-2020-18458 | Cross-Site Request Forgery (CSRF) vulnerability in Damicms 6.0.6 Cross Site Request Forgery (CSRF) vulnerability exists in DamiCMS v6.0.6 that can add an admin account via admin.php?s=/Admin/doadd. | 8.0 |
| 2021-08-12 | CVE-2020-18451 | Cross-site Scripting vulnerability in Damicms 6.0.6 Cross Site Scripting (XSS) vulnerability exists in DamiCMS v6.0.6 via the title parameter in the doadd function in LabelAction.class.php. | 4.8 |