Html-js - Doracms CVE

Filtered by vendor Html-js Subscribe

Filtered by product Doracms

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-49443	1 Html-js	1 Doracms	2023-12-11	N/A	9.8 CRITICAL
DoraCMS v2.1.8 was discovered to re-use the same code for verification of valid usernames and passwords. This vulnerability allows attackers to gain access to the application via a bruteforce attack.
CVE-2022-35147	1 Html-js	1 Doracms	2023-08-08	N/A	9.8 CRITICAL
DoraCMS v2.18 and earlier allows attackers to bypass login authentication via a crafted HTTP request.

Vulnerabilities (CVE)