Vulnerabilities > Njtech > High

DATE CVE VULNERABILITY TITLE RISK
2023-06-20 CVE-2020-21366 Cross-Site Request Forgery (CSRF) vulnerability in Njtech Greencms 2.3
Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of index.php.
network
low complexity
njtech CWE-352
8.0
8.0
2022-04-26 CVE-2022-28918 Unspecified vulnerability in Njtech Greencms 2.3.0603
GreenCMS v2.3.0603 was discovered to contain an arbitrary file deletion vulnerability via /index.php?m=admin&c=custom&a=plugindelhandle&plugin_name=.
network
low complexity
njtech
8.1
8.1
2018-06-20 CVE-2018-12604 Information Exposure Through Log Files vulnerability in Njtech Greencms 2.3.0603
GreenCMS 2.3.0603 allows remote attackers to obtain sensitive information via a direct request for Data/Log/year_month_day.log.
network
low complexity
njtech CWE-532
7.5
7.5
2018-06-01 CVE-2018-11671 Cross-Site Request Forgery (CSRF) vulnerability in Njtech Greencms 2.3.0603
An issue was discovered in GreenCMS v2.3.0603.
network
low complexity
njtech CWE-352
8.8
8.8
2018-06-01 CVE-2018-11670 Cross-Site Request Forgery (CSRF) vulnerability in Njtech Greencms 2.3.0603
An issue was discovered in GreenCMS v2.3.0603.
network
low complexity
njtech CWE-352
8.8
8.8