Skip to main content

Ayacms

6 CVEs product

Monthly

CVE-2022-47926 CRITICAL POC Act Now

AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Ayacms
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-46102 CRITICAL POC Act Now

AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/admin/fst_down.inc.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Ayacms
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-46101 HIGH POC This Week

AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting malicious code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Code Injection Ayacms
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2022-45550 CRITICAL POC Act Now

AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Ayacms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-45548 HIGH POC This Week

AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Ayacms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-43074 CRITICAL POC Act Now

AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload Ayacms
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Ayacms
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/admin/fst_down.inc.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Ayacms
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting malicious code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Code Injection +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Ayacms
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Ayacms
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy