Vulnerabilities > Wdja

DATE	CVE	VULNERABILITY TITLE	RISK
2022-05-04	CVE-2021-42185	SQL Injection vulnerability in Wdja 2.1 wdja v2.1 is affected by a SQL injection vulnerability in the foreground search function. network low complexity wdja CWE-89 critical	9.8
2021-11-03	CVE-2020-20982	Cross-site Scripting vulnerability in Wdja CMS 1.5.1 Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php. network low complexity wdja CWE-79 critical	9.6
2021-10-06	CVE-2020-21648	Unspecified vulnerability in Wdja CMS 1.5.2 WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php. network low complexity wdja critical	9.1
2021-10-06	CVE-2020-21658	Cross-Site Request Forgery (CSRF) vulnerability in Wdja CMS 1.5.2 A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL. network low complexity wdja CWE-352	6.5
2021-01-11	CVE-2020-23631	Cross-Site Request Forgery (CSRF) vulnerability in Wdja CMS 1.5 Cross-site request forgery (CSRF) in admin/global/manage.php in WDJA CMS 1.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via the tongji parameter. network low complexity wdja CWE-352	6.1

Vulnerabilities > Wdja {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Wdja"}]}