Vulnerabilities > WE COM

DATE CVE VULNERABILITY TITLE RISK
2020-07-05 CVE-2020-15540 SQL Injection vulnerability in We-Com Opendata CMS 2.0
We-com OpenData CMS 2.0 allows SQL Injection via the username field on the administrator login page.
network
low complexity
we-com CWE-89
critical
9.8
2020-07-05 CVE-2020-15539 SQL Injection vulnerability in We-Com Municipality Portal CMS 2.1.0
SQL injection can occur in We-com Municipality portal CMS 2.1.x via the cerca/ keywords field.
network
low complexity
we-com CWE-89
critical
9.8
2020-07-05 CVE-2020-15538 Cross-site Scripting vulnerability in We-Com Municipality Portal CMS 2.1.0
XSS can occur in We-com Municipality portal CMS 2.1.x via the cerca/ search bar.
network
low complexity
we-com CWE-79
6.1