Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Ayacms Project Subscribe
Filtered by product Ayacms
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-48116 1 Ayacms Project 1 Ayacms 2023-02-03 N/A 7.2 HIGH
AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/tpl_edit.inc.php.
CVE-2022-47926 1 Ayacms Project 1 Ayacms 2023-01-05 N/A 9.8 CRITICAL
AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php
CVE-2022-46102 1 Ayacms Project 1 Ayacms 2023-01-05 N/A 9.8 CRITICAL
AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/admin/fst_down.inc.php
CVE-2022-46101 1 Ayacms Project 1 Ayacms 2023-01-05 N/A 8.8 HIGH
AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting malicious code.
CVE-2022-45550 1 Ayacms Project 1 Ayacms 2022-12-08 N/A 9.8 CRITICAL
AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE).
CVE-2022-45548 1 Ayacms Project 1 Ayacms 2022-12-07 N/A 8.8 HIGH
AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability.
CVE-2022-43074 1 Ayacms Project 1 Ayacms 2022-11-15 N/A 9.8 CRITICAL
AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
CVE-2021-44238 1 Ayacms Project 1 Ayacms 2022-03-08 6.5 MEDIUM 7.2 HIGH
AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE) via /aya/module/admin/ust_tab_e.inc.php,
CVE-2020-23686 1 Ayacms Project 1 Ayacms 2021-11-08 6.8 MEDIUM 8.8 HIGH
Cross site request forgery (CSRF) vulnerability in AyaCMS 3.1.2 allows attackers to change an administrators password or other unspecified impacts.