Skip to main content

Kkcms

3 CVEs product

Monthly

CVE-2022-32101 CRITICAL POC Act Now

kkcms v1.3.7 was discovered to contain a SQL injection vulnerability via the cid parameter at /template/wapian/vlist.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Kkcms
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2019-16923 MEDIUM POC This Month

kkcms 1.3 has jx.php?url= XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Kkcms
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2019-16706 HIGH POC This Week

kkcms v1.3 has a CSRF vulnerablity that can add an user account via admin/cms_user_add.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Kkcms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

kkcms v1.3.7 was discovered to contain a SQL injection vulnerability via the cid parameter at /template/wapian/vlist.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Kkcms
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

kkcms 1.3 has jx.php?url= XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Kkcms
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

kkcms v1.3 has a CSRF vulnerablity that can add an user account via admin/cms_user_add.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Kkcms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy