Vulnerabilities > Maccms > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-01 | CVE-2022-47872 | Server-Side Request Forgery (SSRF) vulnerability in Maccms 10.0 A Server-Side Request Forgery (SSRF) in maccms10 v2021.1000.2000 allows attackers to force the application to make arbitrary requests via a crafted payload injected into the Name parameter under the Interface address module. | 8.8 |
| 2022-03-16 | CVE-2021-45786 | Improper Authentication vulnerability in Maccms 10.0 In maccms v10, an attacker can log in through /index.php/user/login in the "col" and "openid" parameters to gain privileges. | 7.5 |
| 2021-08-11 | CVE-2020-21359 | Unrestricted Upload of File with Dangerous Type vulnerability in Maccms 10.0 An arbitrary file upload vulnerability in the Template Upload function of Maccms10 allows attackers bypass the suffix whitelist verification to execute arbitrary code via adding a character to the end of the uploaded file's name. | 7.5 |
| 2017-12-18 | CVE-2017-17733 | Unspecified vulnerability in Maccms 8.0 Maccms 8.x allows remote command execution via the wd parameter in an index.php?m=vod-search request. | 7.5 |