Vulnerabilities > Siberiancms

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-30	CVE-2024-41702	SQL Injection vulnerability in Siberiancms SiberianCMS - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') network low complexity siberiancms CWE-89 critical	9.8
2023-09-27	CVE-2023-39375	Improper Privilege Management vulnerability in Siberiancms SiberianCMS - CWE-274: Improper Handling of Insufficient Privileges network low complexity siberiancms CWE-269 critical	9.8
2023-09-27	CVE-2023-39376	Improper Access Control vulnerability in Siberiancms SiberianCMS - CWE-284 Improper Access Control Authorized user may disable a security feature over the network network low complexity siberiancms CWE-284	6.5
2023-09-27	CVE-2023-39377	Unrestricted Upload of File with Dangerous Type vulnerability in Siberiancms SiberianCMS - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method network low complexity siberiancms CWE-434	7.2
2023-09-27	CVE-2023-39378	SQL Injection vulnerability in Siberiancms SiberianCMS - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') by an unauthenticated user network low complexity siberiancms CWE-89	8.8
2017-03-15	CVE-2017-6906	Cross-site Scripting vulnerability in Siberiancms An issue was discovered in SiberianCMS before 4.10.0. network low complexity siberiancms CWE-79	6.1

Vulnerabilities > Siberiancms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Siberiancms"}]}