Damicms CVE - OpenCVE

Filtered by vendor Damicms Subscribe

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-18451	1 Damicms	1 Damicms	2021-08-13	3.5 LOW	4.8 MEDIUM
Cross Site Scripting (XSS) vulnerability exists in DamiCMS v6.0.6 via the title parameter in the doadd function in LabelAction.class.php.
CVE-2018-14831	1 Damicms	1 Damicms	2019-07-17	4.0 MEDIUM	4.9 MEDIUM
An arbitrary file read vulnerability in DamiCMS v6.0.0 allows remote authenticated administrators to read any files in the server via a crafted /admin.php?s=Tpl/Add/id/ URI.

Vulnerabilities (CVE)