Skip to main content

Atomcms

9 CVEs product

Monthly

CVE-2022-28036 CRITICAL POC Act Now

AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_navigation.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Atomcms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2022-28035 CRITICAL POC Act Now

Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_blur-save.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Atomcms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2022-28034 CRITICAL POC Act Now

AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMS_admin_ajax_list-sort.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Atomcms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2022-28033 CRITICAL POC Act Now

Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_uploads.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Atomcms
NVD GitHub
CVSS 3.1
9.8
EPSS
5.4%
CVE-2022-28032 CRITICAL POC Act Now

AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pages.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Atomcms
NVD GitHub
CVSS 3.1
9.8
EPSS
5.9%
CVE-2022-25489 MEDIUM POC This Month

Atom CMS v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the "A" parameter in /widgets/debug.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Atomcms
NVD GitHub
CVSS 3.1
5.4
EPSS
1.5%
CVE-2022-25488 CRITICAL POC Act Now

Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Atomcms
NVD GitHub
CVSS 3.1
9.8
EPSS
7.1%
CVE-2022-25487 CRITICAL POC THREAT Act Now

Atom CMS v2.0 was discovered to contain a remote code execution (RCE) vulnerability via /admin/uploads.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE File Upload Atomcms
NVD GitHub
CVSS 3.1
9.8
EPSS
54.8%
CVE-2014-4852 HIGH POC This Week

SQL injection vulnerability in admin/uploads.php in The Digital Craft AtomCMS, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the id parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Atomcms
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.9%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_navigation.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Atomcms
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_blur-save.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Atomcms
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMS_admin_ajax_list-sort.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Atomcms
NVD GitHub
EPSS 5% CVSS 9.8
CRITICAL POC Act Now

Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_uploads.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Atomcms
NVD GitHub
EPSS 6% CVSS 9.8
CRITICAL POC Act Now

AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pages.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Atomcms
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Atom CMS v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the "A" parameter in /widgets/debug.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Atomcms
NVD GitHub
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Atomcms
NVD GitHub
EPSS 55% CVSS 9.8
CRITICAL POC THREAT Act Now

Atom CMS v2.0 was discovered to contain a remote code execution (RCE) vulnerability via /admin/uploads.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE File Upload +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

SQL injection vulnerability in admin/uploads.php in The Digital Craft AtomCMS, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the id parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Atomcms
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy