Vulnerabilities > Siberiancms

DATE CVE VULNERABILITY TITLE RISK
2024-07-30 CVE-2024-41702 Unspecified vulnerability in Siberiancms
SiberianCMS - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
network
low complexity
siberiancms
critical
9.8
2023-09-27 CVE-2023-39375 Improper Privilege Management vulnerability in Siberiancms
SiberianCMS - CWE-274: Improper Handling of Insufficient Privileges
network
low complexity
siberiancms CWE-269
critical
9.8
2023-09-27 CVE-2023-39376 Unspecified vulnerability in Siberiancms
SiberianCMS - CWE-284 Improper Access Control Authorized user may disable a security feature over the network
network
low complexity
siberiancms
6.5
2023-09-27 CVE-2023-39377 Unspecified vulnerability in Siberiancms
SiberianCMS - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method
network
low complexity
siberiancms
7.2
2023-09-27 CVE-2023-39378 Unspecified vulnerability in Siberiancms
SiberianCMS - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') by an unauthenticated user
network
low complexity
siberiancms
8.8
2017-03-15 CVE-2017-6906 Cross-site Scripting vulnerability in Siberiancms
An issue was discovered in SiberianCMS before 4.10.0.
network
low complexity
siberiancms CWE-79
6.1