Cm3 Acora Content Management System

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-25968 MEDIUM This Month

DDSN Interactive cm3 Acora CMS version 10.1.1 contains an improper access control vulnerability. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Cm3 Acora Content Management System
NVD GitHub
CVSS 3.1
6.0
EPSS
0.6%
CVE-2025-22964 HIGH This Month

DDSN Interactive cm3 Acora CMS version 10.1.1 has an unauthenticated time-based blind SQL Injection vulnerability caused by insufficient input sanitization and validation in the "table" parameter. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.6% and no vendor patch available.

Authentication Bypass SQLi Cm3 Acora Content Management System
NVD GitHub
CVSS 3.1
8.1
EPSS
12.6%
CVE-2025-25968
EPSS 1% CVSS 6.0
MEDIUM This Month

DDSN Interactive cm3 Acora CMS version 10.1.1 contains an improper access control vulnerability. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Cm3 Acora Content Management System
NVD GitHub
CVE-2025-22964
EPSS 13% CVSS 8.1
HIGH This Month

DDSN Interactive cm3 Acora CMS version 10.1.1 has an unauthenticated time-based blind SQL Injection vulnerability caused by insufficient input sanitization and validation in the "table" parameter. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.6% and no vendor patch available.

Authentication Bypass SQLi Cm3 Acora Content Management System
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy