Vulnerabilities > Wayang CMS Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-14 | CVE-2020-29146 | Cross-site Scripting vulnerability in Wayang-Cms Project Wayang-Cms 1.0 A cross site scripting (XSS) vulnerability in index.php of Wayang-CMS v1.0 allows attackers to execute arbitrary web scripts or HTML via a constructed payload created by adding the X-Forwarded-For field to the header. | 6.1 |
2021-07-14 | CVE-2020-29147 | SQL Injection vulnerability in Wayang-Cms Project Wayang-Cms 1.0 A SQL injection vulnerability in wy_controlls/wy_side_visitor.php of Wayang-CMS v1.0 allows attackers to obtain sensitive database information. | 7.5 |