Vulnerabilities > Doyocms Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-11 | CVE-2020-19802 | Unrestricted Upload of File with Dangerous Type vulnerability in Doyocms Project Doyocms 2.3 File Upload vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the upload file type parameter. | 9.8 |
| 2023-04-11 | CVE-2020-19803 | Cross-Site Request Forgery (CSRF) vulnerability in Doyocms Project Doyocms 2.3 Cross Site Request Forgery vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the background system settings. | 8.8 |
| 2021-11-01 | CVE-2021-26739 | SQL Injection vulnerability in Doyocms Project Doyocms 2.3 SQL Injection vulnerability in pay.php in millken doyocms 2.3, allows attackers to execute arbitrary code, via the attribute parameter. | 7.5 |
| 2021-11-01 | CVE-2021-26740 | Unrestricted Upload of File with Dangerous Type vulnerability in Doyocms Project Doyocms 2.3 Arbitrary file upload vulnerability sysupload.php in millken doyocms 2.3 allows attackers to execute arbitrary code. | 7.5 |