Mochazz/Mochazz.github.io

Releases0

Stars12

https://mochazz.github.io

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-18083 ↗	Oct 9, 2018Tuesday, 9 October 2018, 18:29	—	7.5 HIGH
An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing.
CVE-2018-18084 ↗	Oct 9, 2018Tuesday, 9 October 2018, 18:29	9.8 CRITICAL	7.5 HIGH
An issue was discovered in DuomiCMS 3.0. SQL injection exists in the ajax.php file, as demonstrated by the uid parameter.