Skip to main content

Kentico Cms

3 CVEs product

Monthly

CVE-2021-27581 CRITICAL Act Now

The Blog module in Kentico CMS 5.5 R2 build 5.5.3996 allows SQL injection via the tagname parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Kentico Cms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2015-7823 MEDIUM POC THREAT This Month

Open redirect vulnerability in CMSPages/GetDocLink.ashx in Kentico CMS 8.2 through 8.2.41 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 12.7%.

Open Redirect Kentico Cms
NVD
CVSS 2.0
5.8
EPSS
12.7%
CVE-2015-7822 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Kentico CMS 8.2 allow remote attackers to inject arbitrary web script or HTML via a (1) parameter name to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Kentico Cms
NVD
CVSS 2.0
5.0
EPSS
0.3%
EPSS 2% CVSS 9.8
CRITICAL Act Now

The Blog module in Kentico CMS 5.5 R2 build 5.5.3996 allows SQL injection via the tagname parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Kentico Cms
NVD GitHub
EPSS 13% CVSS 5.8
MEDIUM POC THREAT This Month

Open redirect vulnerability in CMSPages/GetDocLink.ashx in Kentico CMS 8.2 through 8.2.41 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 12.7%.

Open Redirect Kentico Cms
NVD
EPSS 0% CVSS 5.0
MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Kentico CMS 8.2 allow remote attackers to inject arbitrary web script or HTML via a (1) parameter name to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Kentico Cms
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy