Vulnerabilities > Rockoa > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-12-13 CVE-2023-49363 SQL Injection vulnerability in Rockoa
Rockoa <2.3.3 is vulnerable to SQL Injection.
network
low complexity
rockoa CWE-89
critical
 9.8
9.8
2023-12-06 CVE-2023-48930 Unrestricted Upload of File with Dangerous Type vulnerability in Rockoa Xinhu 2.2.1
xinhu xinhuoa 2.2.1 contains a File upload vulnerability.
network
low complexity
rockoa CWE-434
critical
 9.8
9.8
2023-03-31 CVE-2023-1773 Code Injection vulnerability in Rockoa 2.3.2
A vulnerability was found in Rockoa 2.3.2.
network
low complexity
rockoa CWE-94
critical
 9.8
9.8
2021-02-05 CVE-2020-18716 SQL Injection vulnerability in Rockoa 1.8.7
SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in wordAction.php.
network
low complexity
rockoa CWE-89
critical
 9.8
9.8
2021-02-05 CVE-2020-18714 SQL Injection vulnerability in Rockoa 1.8.7
SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in wordModel.php's getdata function.
network
low complexity
rockoa CWE-89
critical
 9.8
9.8
2021-02-05 CVE-2020-18713 SQL Injection vulnerability in Rockoa 1.8.7
SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in customerAction.php
network
low complexity
rockoa CWE-89
critical
 9.8
9.8