Vulnerabilities > Wdja > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-05-04 CVE-2021-42185 SQL Injection vulnerability in Wdja 2.1
wdja v2.1 is affected by a SQL injection vulnerability in the foreground search function.
network
low complexity
wdja CWE-89
critical
 9.8
9.8
2021-11-03 CVE-2020-20982 Cross-site Scripting vulnerability in Wdja CMS 1.5.1
Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php.
network
low complexity
wdja CWE-79
critical
 9.6
9.6
2021-10-06 CVE-2020-21648 Unspecified vulnerability in Wdja CMS 1.5.2
WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php.
network
low complexity
wdja
critical
 9.1
9.1