Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Wdja Subscribe
Filtered by product Wdja Cms
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-20982 1 Wdja 1 Wdja Cms 2021-11-04 6.8 MEDIUM 9.6 CRITICAL
Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php.
CVE-2020-21658 1 Wdja 1 Wdja Cms 2021-10-15 4.3 MEDIUM 6.5 MEDIUM
A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL.
CVE-2020-21648 1 Wdja 1 Wdja Cms 2021-10-14 6.4 MEDIUM 9.1 CRITICAL
WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php.
CVE-2020-23631 1 Wdja 1 Wdja Cms 2021-07-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site request forgery (CSRF) in admin/global/manage.php in WDJA CMS 1.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via the tongji parameter.