Vulnerabilities > Lmxcms

DATE CVE VULNERABILITY TITLE RISK
2023-11-16 CVE-2021-35437 SQL Injection vulnerability in Lmxcms 1.4
SQL injection vulnerability in LMXCMS v.1.4 allows attacker to execute arbitrary code via the TagsAction.class.
network
low complexity
lmxcms CWE-89
critical
 9.8
9.8
2023-11-02 CVE-2023-46958 Unspecified vulnerability in Lmxcms 1.41
An issue in lmxcms v.1.41 allows a remote attacker to execute arbitrary code via a crafted script to the admin.php file.
network
low complexity
lmxcms
critical
 9.8
9.8
2023-09-17 CVE-2023-5017 SQL Injection vulnerability in Lmxcms
A vulnerability was found in lmxcms up to 1.41.
network
low complexity
lmxcms CWE-89
critical
 9.8
9.8
2023-04-13 CVE-2023-29598 SQL Injection vulnerability in Lmxcms 1.4.1
lmxcms v1.4.1 was discovered to contain a SQL injection vulnerability via the setbook parameter at index.php.
network
low complexity
lmxcms CWE-89
critical
 9.8
9.8
2023-03-10 CVE-2023-1321 SQL Injection vulnerability in Lmxcms 1.41
A vulnerability has been found in lmxcms 1.41 and classified as critical.
network
low complexity
lmxcms CWE-89
critical
 9.8
9.8
2023-03-10 CVE-2023-1322 SQL Injection vulnerability in Lmxcms 1.41
A vulnerability was found in lmxcms 1.41 and classified as critical.
network
low complexity
lmxcms CWE-89
critical
 9.8
9.8
2023-02-01 CVE-2022-48094 Files or Directories Accessible to External Parties vulnerability in Lmxcms 1.41
lmxcms v1.41 was discovered to contain an arbitrary file read vulnerability via TemplateAction.class.php.
network
low complexity
lmxcms CWE-552
4.9
4.9
2023-02-01 CVE-2023-23136 Path Traversal vulnerability in Lmxcms 1.41
lmxcms v1.41 was discovered to contain an arbitrary file deletion vulnerability via BackdbAction.class.php.
network
low complexity
lmxcms CWE-22
6.5
6.5