Vulnerabilities > Genixcms > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-27 | CVE-2017-14764 | Code Injection vulnerability in Genixcms 1.1.4 In the Upload Modules page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a module. | 8.8 |
| 2017-09-27 | CVE-2017-14763 | Unspecified vulnerability in Genixcms 1.1.4 In the Install Themes page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a theme. | 8.8 |
| 2017-05-01 | CVE-2017-8377 | SQL Injection vulnerability in Genixcms 1.0.2 GeniXCMS 1.0.2 has SQL Injection in inc/lib/Control/Backend/menus.control.php via the menuid parameter. | 8.8 |
| 2017-01-12 | CVE-2017-5346 | SQL Injection vulnerability in Genixcms 0.0.8 SQL injection vulnerability in inc/lib/Control/Backend/posts.control.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter to gxadmin/index.php. | 7.2 |
| 2017-01-01 | CVE-2016-10096 | SQL Injection vulnerability in Genixcms SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter. | 7.3 |