Total
23 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-17300 | 1 Cuppacms | 1 Cuppacms | 2019-09-16 | 3.5 LOW | 4.8 MEDIUM |
Stored XSS exists in CuppaCMS through 2018-09-03 via an administrator/#/component/table_manager/view/cu_menus section name. | |||||
CVE-2018-19918 | 1 Cuppacms | 1 Cuppacms | 2019-02-25 | 3.5 LOW | 5.4 MEDIUM |
CuppaCMS has XSS via an SVG document uploaded to the administrator/#/component/table_manager/view/cu_views URI. | |||||
CVE-2018-19559 | 1 Cuppacms | 1 Cuppacms | 2018-12-18 | 7.5 HIGH | 9.8 CRITICAL |
CuppaCMS before 2018-11-12 has SQL Injection in administrator/classes/ajax/functions.php via the reference_id parameter. |