Vulnerabilities > Ed01 CMS Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-26	CVE-2022-28524	SQL Injection vulnerability in Ed01-Cms Project Ed01-Cms 20180505 ED01-CMS v20180505 was discovered to contain a SQL injection vulnerability via the component post.php. network low complexity ed01-cms-project CWE-89 critical	9.8
2022-04-26	CVE-2022-28525	Unrestricted Upload of File with Dangerous Type vulnerability in Ed01-Cms Project Ed01-Cms 20180505 ED01-CMS v20180505 was discovered to contain an arbitrary file upload vulnerability via /admin/users.php?source=edit_user&id=1. network low complexity ed01-cms-project CWE-434	8.8
2021-11-03	CVE-2020-18259	Cross-site Scripting vulnerability in Ed01-Cms Project Ed01-Cms 1.0 ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting (XSS) vulnerability in the component sposts.php. network low complexity ed01-cms-project CWE-79	6.1
2021-11-03	CVE-2020-18261	Unrestricted Upload of File with Dangerous Type vulnerability in Ed01-Cms Project Ed01-Cms 1.0 An arbitrary file upload vulnerability in the image upload function of ED01-CMS v1.0 allows attackers to execute arbitrary commands. network low complexity ed01-cms-project CWE-434 critical	9.8
2021-11-03	CVE-2020-18262	SQL Injection vulnerability in Ed01-Cms Project Ed01-Cms 1.0 ED01-CMS v1.0 was discovered to contain a SQL injection in the component cposts.php via the cid parameter. network low complexity ed01-cms-project CWE-89 critical	9.8

Vulnerabilities > Ed01 CMS Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Ed01 CMS Project"}]}