Vulnerabilities > Kkcms Project > Kkcms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-15 | CVE-2022-32101 | SQL Injection vulnerability in Kkcms Project Kkcms 1.37 kkcms v1.3.7 was discovered to contain a SQL injection vulnerability via the cid parameter at /template/wapian/vlist.php. | 9.8 |
| 2019-09-27 | CVE-2019-16923 | Cross-site Scripting vulnerability in Kkcms Project Kkcms 1.3 kkcms 1.3 has jx.php?url= XSS. | 6.1 |
| 2019-09-23 | CVE-2019-16706 | Cross-Site Request Forgery (CSRF) vulnerability in Kkcms Project Kkcms 1.3 kkcms v1.3 has a CSRF vulnerablity that can add an user account via admin/cms_user_add.php. | 8.8 |