Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Usualtool Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-6244 1 Usualtool 1 Usualtoolcms 2019-01-24 6.8 MEDIUM 8.8 HIGH
An issue was discovered in UsualToolCMS 8.0. cmsadmin/a_sqlbackx.php?t=sql allows CSRF attacks that can execute SQL statements, and consequently execute arbitrary PHP code by writing that code into a .php file.
CVE-2018-20128 1 Usualtool 1 Usualtoolcms 2019-01-04 6.4 MEDIUM 7.5 HIGH
An issue was discovered in UsualToolCMS v8.0. cmsadmin\a_sqlback.php allows remote attackers to delete arbitrary files via a backname[] directory-traversal pathname followed by a crafted substring.
CVE-2018-18422 1 Usualtool 1 Usualtoolcms 2018-11-30 6.8 MEDIUM 8.8 HIGH
UsualToolCMS 8.0 allows CSRF for adding a user account via the cmsadmin/a_adminx.php?x=a URI.