Vulnerabilities > Skycaiji

DATE CVE VULNERABILITY TITLE RISK
2024-06-26 CVE-2024-39241 Cross-site Scripting vulnerability in Skycaiji 2.8
Cross Site Scripting (XSS) vulnerability in skycaiji 2.8 allows attackers to run arbitrary code via /admin/tool/preview.
network
low complexity
skycaiji CWE-79
6.1
2024-06-26 CVE-2024-39242 Cross-site Scripting vulnerability in Skycaiji 2.8
A cross-site scripting (XSS) vulnerability in skycaiji v2.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload using eval(String.fromCharCode()).
network
low complexity
skycaiji CWE-79
6.1
2024-06-22 CVE-2024-6252 Unspecified vulnerability in Skycaiji
A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic.
network
low complexity
skycaiji
6.1
2023-05-26 CVE-2023-33394 Cross-site Scripting vulnerability in Skycaiji 2.5.4
skycaiji v2.5.4 is vulnerable to Cross Site Scripting (XSS).
network
low complexity
skycaiji CWE-79
5.4
2022-12-07 CVE-2022-44351 Deserialization of Untrusted Data vulnerability in Skycaiji 2.5.1
Skycaiji v2.5.1 was discovered to contain a deserialization vulnerability via /SkycaijiApp/admin/controller/Mystore.php.
network
low complexity
skycaiji CWE-502
critical
9.8
2022-05-04 CVE-2022-28096 Unspecified vulnerability in Skycaiji 2.4
Skycaiji v2.4 was discovered to contain a remote code execution (RCE) vulnerability via /SkycaijiApp/admin/controller/Develop.php.
network
low complexity
skycaiji
7.2
2021-08-20 CVE-2020-18878 Path Traversal vulnerability in Skycaiji 1.3
Directory Traversal in Skycaiji v1.3 allows remote attackers to obtain sensitive information via the component 'index.php?m=admin&c=Tool&a=log&file=D%3A%5CphpStudy%5CWWW%5Cindex.php'.
network
low complexity
skycaiji CWE-22
5.3
2018-05-22 CVE-2018-11371 Cross-Site Request Forgery (CSRF) vulnerability in Skycaiji 1.2
SkyCaiji 1.2 allows CSRF to add an Administrator user.
network
low complexity
skycaiji CWE-352
8.8