Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Cuppacms Subscribe
Total 23 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-17300 1 Cuppacms 1 Cuppacms 2019-09-16 3.5 LOW 4.8 MEDIUM
Stored XSS exists in CuppaCMS through 2018-09-03 via an administrator/#/component/table_manager/view/cu_menus section name.
CVE-2018-19918 1 Cuppacms 1 Cuppacms 2019-02-25 3.5 LOW 5.4 MEDIUM
CuppaCMS has XSS via an SVG document uploaded to the administrator/#/component/table_manager/view/cu_views URI.
CVE-2018-19559 1 Cuppacms 1 Cuppacms 2018-12-18 7.5 HIGH 9.8 CRITICAL
CuppaCMS before 2018-11-12 has SQL Injection in administrator/classes/ajax/functions.php via the reference_id parameter.