Vulnerabilities > Skycaiji
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-26 | CVE-2024-39241 | Cross-site Scripting vulnerability in Skycaiji 2.8 Cross Site Scripting (XSS) vulnerability in skycaiji 2.8 allows attackers to run arbitrary code via /admin/tool/preview. | 6.1 |
| 2024-06-26 | CVE-2024-39242 | Cross-site Scripting vulnerability in Skycaiji 2.8 A cross-site scripting (XSS) vulnerability in skycaiji v2.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload using eval(String.fromCharCode()). | 6.1 |
| 2024-06-22 | CVE-2024-6252 | Cross-site Scripting vulnerability in Skycaiji A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic. | 6.1 |
| 2023-05-26 | CVE-2023-33394 | Cross-site Scripting vulnerability in Skycaiji 2.5.4 skycaiji v2.5.4 is vulnerable to Cross Site Scripting (XSS). | 5.4 |
| 2022-12-07 | CVE-2022-44351 | Deserialization of Untrusted Data vulnerability in Skycaiji 2.5.1 Skycaiji v2.5.1 was discovered to contain a deserialization vulnerability via /SkycaijiApp/admin/controller/Mystore.php. | 9.8 |
| 2022-05-04 | CVE-2022-28096 | Unspecified vulnerability in Skycaiji 2.4 Skycaiji v2.4 was discovered to contain a remote code execution (RCE) vulnerability via /SkycaijiApp/admin/controller/Develop.php. | 7.2 |
| 2021-08-20 | CVE-2020-18878 | Path Traversal vulnerability in Skycaiji 1.3 Directory Traversal in Skycaiji v1.3 allows remote attackers to obtain sensitive information via the component 'index.php?m=admin&c=Tool&a=log&file=D%3A%5CphpStudy%5CWWW%5Cindex.php'. | 5.3 |
| 2018-05-22 | CVE-2018-11371 | Cross-Site Request Forgery (CSRF) vulnerability in Skycaiji 1.2 SkyCaiji 1.2 allows CSRF to add an Administrator user. | 8.8 |