Vulnerabilities > Ovidentia > Ovidentia > 6.0.0

DATE CVE VULNERABILITY TITLE RISK
2022-02-17 CVE-2022-22914 Path Traversal vulnerability in Ovidentia 6.0.0
An incorrect access control issue in the component FileManager of Ovidentia CMS 6.0 allows authenticated attackers to to view and download content in the upload directory via path traversal.
network
low complexity
ovidentia CWE-22
5.0
5.0
2021-03-30 CVE-2021-29343 SQL Injection vulnerability in Ovidentia
Ovidentia CMS 6.x contains a SQL injection vulnerability in the "id" parameter of index.php.
network
low complexity
ovidentia CWE-89
5.5
5.5
2018-07-09 CVE-2018-1000619 Unrestricted Upload of File with Dangerous Type vulnerability in Ovidentia
Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input vulnerability in utilit.php, bab_getAddonFilePathfromTg that can result in Authenticated Remote Code Execution.
network
low complexity
ovidentia CWE-434
6.5
6.5