Cskaza - Cszcms CVE

Filtered by vendor Cskaza Subscribe

Filtered by product Cszcms

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-34545	1 Cskaza	1 Cszcms	2023-08-11	N/A	9.8 CRITICAL
A SQL injection vulnerability in CSZCMS 1.3.0 allows remote attackers to run arbitrary SQL commands via p parameter or the search URL.
CVE-2021-46377	1 Cskaza	1 Cszcms	2022-02-02	7.5 HIGH	9.8 CRITICAL
There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.php#viewUser

Vulnerabilities (CVE)