Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Victor Cms Project Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-35597 1 Victor Cms Project 1 Victor Cms 2022-06-27 6.5 MEDIUM 8.8 HIGH
Victor CMS 1.0 is vulnerable to SQL injection via c_id parameter of admin_edit_comment.php, p_id parameter of admin_edit_post.php, u_id parameter of admin_edit_user.php, and edit parameter of admin_update_categories.php.
CVE-2022-28060 1 Victor Cms Project 1 Victor Cms 2022-05-06 5.0 MEDIUM 7.5 HIGH
SQL Injection vulnerability in Victor CMS v1.0, via the user_name parameter to /includes/login.php.
CVE-2022-27478 1 Victor Cms Project 1 Victor Cms 2022-04-29 6.5 MEDIUM 8.8 HIGH
Victor v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component admin/profile.php?section=admin.
CVE-2021-46458 1 Victor Cms Project 1 Victor Cms 2022-02-19 5.0 MEDIUM 7.5 HIGH
Victor CMS v1.0 was discovered to contain a SQL injection vulnerability in the component admin/posts.php?source=add_post. This vulnerability can be exploited through a crafted POST request via the post_title parameter.
CVE-2022-23873 1 Victor Cms Project 1 Victor Cms 2022-02-08 6.5 MEDIUM 8.8 HIGH
Victor CMS v1.0 was discovered to contain a SQL injection vulnerability that allows attackers to inject arbitrary commands via 'user_firstname' parameter.
CVE-2021-46459 1 Victor Cms Project 1 Victor Cms 2022-02-04 5.0 MEDIUM 7.5 HIGH
Victor CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component admin/users.php?source=add_user. These vulnerabilities can be exploited through a crafted POST request via the user_name, user_firstname,user_lastname, or user_email parameters.
CVE-2020-23945 1 Victor Cms Project 1 Victor Cms 2020-10-27 5.0 MEDIUM 7.5 HIGH
A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php file. This parameter can be used by sqlmap to obtain data information in the database.