Vulnerabilities > Damicms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-12 | CVE-2020-18451 | Cross-site Scripting vulnerability in Damicms 6.0.6 Cross Site Scripting (XSS) vulnerability exists in DamiCMS v6.0.6 via the title parameter in the doadd function in LabelAction.class.php. | 4.8 |
| 2019-07-10 | CVE-2018-14831 | Information Exposure vulnerability in Damicms 6.0.0 An arbitrary file read vulnerability in DamiCMS v6.0.0 allows remote authenticated administrators to read any files in the server via a crafted /admin.php?s=Tpl/Add/id/ URI. | 4.9 |