Skip to main content

Ed01 Cms

3 CVEs product

Monthly

CVE-2024-30890 MEDIUM POC This Month

Cross Site Scripting vulnerability in ED01-CMS v.1.0 allows an attacker to obtain sensitive information via the categories.php component. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Ed01 Cms
NVD GitHub
CVSS 3.1
4.7
EPSS
0.4%
CVE-2022-28525 HIGH This Week

ED01-CMS v20180505 was discovered to contain an arbitrary file upload vulnerability via /admin/users.php?source=edit_user&id=1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP File Upload Ed01 Cms
NVD GitHub
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-28524 CRITICAL Act Now

ED01-CMS v20180505 was discovered to contain a SQL injection vulnerability via the component post.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Ed01 Cms
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
EPSS 0% CVSS 4.7
MEDIUM POC This Month

Cross Site Scripting vulnerability in ED01-CMS v.1.0 allows an attacker to obtain sensitive information via the categories.php component. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Ed01 Cms
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

ED01-CMS v20180505 was discovered to contain an arbitrary file upload vulnerability via /admin/users.php?source=edit_user&id=1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP File Upload Ed01 Cms
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

ED01-CMS v20180505 was discovered to contain a SQL injection vulnerability via the component post.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Ed01 Cms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy