Vulnerabilities > Kitesky

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTRIBUTES | RISK |
|---|---|---|---|---|---|
| 2023-02-03 | CVE-2021-36546 | Insecure Storage of Sensitive Information vulnerability in Kitesky Kitecms 1.1 | Incorrect Access Control issue discovered in KiteCMS 1.1 allows remote attackers to view sensitive information via path in application URL. | network; low complexity; kitesky; CWE-922 | 7.5 |
| 2022-04-21 | CVE-2022-28445 | Files or Directories Accessible to External Parties vulnerability in Kitesky Kitecms 1.1.1 | KiteCMS v1.1.1 was discovered to contain an arbitrary file read vulnerability via the background management module. | network; low complexity; kitesky; CWE-552 | 4.0 |
| 2021-09-13 | CVE-2020-20671 | Cross-Site Request Forgery (CSRF) vulnerability in Kitesky Kitecms 1.1 | A cross-site request forgery (CSRF) in KiteCMS V1.1 allows attackers to arbitrarily add an administrator account. | network; kitesky; CWE-352 | 6.8 |
| 2021-09-13 | CVE-2020-20672 | Unrestricted Upload of File with Dangerous Type vulnerability in Kitesky Kitecms 1.1 | An arbitrary file upload vulnerability in /admin/upload/uploadfile of KiteCMS V1.1 allows attackers to getshell via a crafted PHP file. | network; kitesky; CWE-434 | 6.8 |
| 2021-08-12 | CVE-2021-31731 | Path Traversal vulnerability in Kitesky Kitecms 1.1.1 | A directory traversal issue in KiteCMS 1.1.1 allows remote administrators to overwrite arbitrary files via ../ in the path parameter to index.php/admin/Template/fileedit, with PHP code in the html parameter. | network; low complexity; kitesky; CWE-22 | 5.5 |