Nanocms

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-1978 MEDIUM This Month

NanoCMS versions up to 0.4 contain an information disclosure vulnerability in the User Information Handler component that exposes sensitive data from the /data/pagesdata.txt file through unauthenticated remote requests. Public exploit code exists for this vulnerability, which allows attackers to retrieve partial confidential information without authentication. Users should update to a patched version or implement strict access controls on the affected file until an official patch is available.

Information Disclosure Nanocms
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2022-50898 HIGH POC This Week

Nanocms versions up to 0.4 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

PHP RCE Nanocms
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-1978
EPSS 0% CVSS 5.3
MEDIUM This Month

NanoCMS versions up to 0.4 contain an information disclosure vulnerability in the User Information Handler component that exposes sensitive data from the /data/pagesdata.txt file through unauthenticated remote requests. Public exploit code exists for this vulnerability, which allows attackers to retrieve partial confidential information without authentication. Users should update to a patched version or implement strict access controls on the affected file until an official patch is available.

Information Disclosure Nanocms
NVD GitHub VulDB
CVE-2022-50898
EPSS 0% CVSS 8.8
HIGH POC This Week

Nanocms versions up to 0.4 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

PHP RCE Nanocms
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy