Skip to main content

Luocms

10 CVEs product

Monthly

CVE-2022-24609 CRITICAL POC Act Now

Luocms v2.0 is affected by an incorrect access control vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass Luocms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-24608 MEDIUM POC This Month

Luocms v2.0 is affected by Cross Site Scripting (XSS) in /admin/news/sort_add.php and /inc/function.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Luocms
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-24607 CRITICAL POC Act Now

Luocms v2.0 is affected by SQL Injection in /admin/news/news_ok.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Luocms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-24606 CRITICAL POC Act Now

Luocms v2.0 is affected by SQL Injection in /admin/news/sort_ok.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Luocms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-24605 CRITICAL POC Act Now

Luocms v2.0 is affected by SQL Injection in /admin/link/link_ok.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Luocms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-24604 CRITICAL POC Act Now

Luocms v2.0 is affected by SQL Injection in /admin/link/link_mod.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Luocms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-24603 CRITICAL POC Act Now

Luocms v2.0 is affected by SQL Injection in /admin/news/sort_mod.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Luocms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-24602 CRITICAL POC Act Now

Luocms v2.0 is affected by SQL Injection in /admin/news/news_mod.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Luocms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-24601 HIGH POC This Week

Luocms v2.0 is affected by SQL Injection in /admin/manager/admin_mod.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Luocms
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-24600 CRITICAL POC Act Now

Luocms v2.0 is affected by SQL Injection through /admin/login.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Luocms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Luocms v2.0 is affected by an incorrect access control vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass Luocms
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Luocms v2.0 is affected by Cross Site Scripting (XSS) in /admin/news/sort_add.php and /inc/function.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Luocms
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Luocms v2.0 is affected by SQL Injection in /admin/news/news_ok.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Luocms
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Luocms v2.0 is affected by SQL Injection in /admin/news/sort_ok.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Luocms
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Luocms v2.0 is affected by SQL Injection in /admin/link/link_ok.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Luocms
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Luocms v2.0 is affected by SQL Injection in /admin/link/link_mod.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Luocms
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Luocms v2.0 is affected by SQL Injection in /admin/news/sort_mod.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Luocms
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Luocms v2.0 is affected by SQL Injection in /admin/news/news_mod.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Luocms
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

Luocms v2.0 is affected by SQL Injection in /admin/manager/admin_mod.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Luocms
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Luocms v2.0 is affected by SQL Injection through /admin/login.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Luocms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy