Skip to main content

Webedition Cms

4 CVEs product

Monthly

CVE-2024-28418 MEDIUM POC This Month

Webedition CMS 9.2.2.0 has a File upload vulnerability via /webEdition/we_cmd.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Webedition Cms
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-28417 MEDIUM POC This Month

Webedition CMS 9.2.2.0 has a Stored XSS vulnerability via /webEdition/we_cmd.php. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Webedition Cms
NVD
CVSS 3.1
6.3
EPSS
0.3%
CVE-2014-5258 MEDIUM POC THREAT This Month

Directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 81.2%.

Path Traversal PHP Webedition Cms
NVD Exploit-DB
CVSS 2.0
4.0
EPSS
81.2%
Threat
4.7
CVE-2014-2303 HIGH POC This Week

Multiple SQL injection vulnerabilities in the file browser component (we_fs.php) in webEdition CMS before 6.2.7-s1.2 and 6.3.x through 6.3.8 before -s1 allow remote attackers to execute arbitrary SQL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Webedition Cms
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
4.1%
EPSS 0% CVSS 6.5
MEDIUM POC This Month

Webedition CMS 9.2.2.0 has a File upload vulnerability via /webEdition/we_cmd.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Webedition Cms
NVD
EPSS 0% CVSS 6.3
MEDIUM POC This Month

Webedition CMS 9.2.2.0 has a Stored XSS vulnerability via /webEdition/we_cmd.php. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Webedition Cms
NVD
EPSS 81% 4.7 CVSS 4.0
MEDIUM POC THREAT This Month

Directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 81.2%.

Path Traversal PHP Webedition Cms
NVD Exploit-DB
EPSS 4% CVSS 7.5
HIGH POC This Week

Multiple SQL injection vulnerabilities in the file browser component (we_fs.php) in webEdition CMS before 6.2.7-s1.2 and 6.3.x through 6.3.8 before -s1 allow remote attackers to execute arbitrary SQL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Webedition Cms
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy