Vulnerabilities > Victor CMS Project

DATE CVE VULNERABILITY TITLE RISK
2020-10-27 CVE-2020-23945 SQL Injection vulnerability in Victor CMS Project Victor CMS 1.0
A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php file.
network
low complexity
victor-cms-project CWE-89
7.5
2020-07-07 CVE-2020-15599 Cross-site Scripting vulnerability in Victor CMS Project Victor CMS 1.0/20180510/20190228
Victor CMS through 2019-02-28 allows XSS via the register.php user_firstname or user_lastname field.
network
low complexity
victor-cms-project CWE-79
6.1
2018-09-10 CVE-2018-16775 Cross-site Scripting vulnerability in Victor CMS Project Victor CMS 1.0/20180510
An issue was discovered in Victor CMS through 2018-05-10.
network
low complexity
victor-cms-project CWE-79
4.8
2018-08-21 CVE-2018-15603 Cross-site Scripting vulnerability in Victor CMS Project Victor CMS 1.0/20180510
An issue was discovered in Victor CMS through 2018-05-10.
network
low complexity
victor-cms-project CWE-79
6.1