Vulnerabilities > Siberiancms > Siberiancms > 4.1.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-27 | CVE-2023-39375 | Improper Privilege Management vulnerability in Siberiancms SiberianCMS - CWE-274: Improper Handling of Insufficient Privileges | 9.8 |
2023-09-27 | CVE-2023-39376 | Improper Access Control vulnerability in Siberiancms SiberianCMS - CWE-284 Improper Access Control Authorized user may disable a security feature over the network | 6.5 |
2023-09-27 | CVE-2023-39377 | Unrestricted Upload of File with Dangerous Type vulnerability in Siberiancms SiberianCMS - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method | 7.2 |
2023-09-27 | CVE-2023-39378 | SQL Injection vulnerability in Siberiancms SiberianCMS - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') by an unauthenticated user | 8.8 |