Vulnerabilities > Ed01 CMS Project > Ed01 CMS > 20180505

DATE CVE VULNERABILITY TITLE RISK
2022-04-26 CVE-2022-28524 SQL Injection vulnerability in Ed01-Cms Project Ed01-Cms 20180505
ED01-CMS v20180505 was discovered to contain a SQL injection vulnerability via the component post.php.
network
low complexity
ed01-cms-project CWE-89
critical
 9.8
9.8
2022-04-26 CVE-2022-28525 Unrestricted Upload of File with Dangerous Type vulnerability in Ed01-Cms Project Ed01-Cms 20180505
ED01-CMS v20180505 was discovered to contain an arbitrary file upload vulnerability via /admin/users.php?source=edit_user&id=1.
network
low complexity
ed01-cms-project CWE-434
8.8
8.8