iiSiLvEr/CVEs

Releases0

Stars1

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-43741 ↗	Apr 13, 2022Wednesday, 13 April 2022, 14:15	9.8 CRITICAL	7.5 HIGH
CMSimple 5.4 is vulnerable to Directory Traversal. The vulnerability exists when a user changes the file name to malicious file on config.php leading to remote code execution.
CVE-2021-43742 ↗	Apr 13, 2022Wednesday, 13 April 2022, 13:15	5.4 MEDIUM	3.5 LOW
CMSimple 5.4 is vulnerable to Cross Site Scripting (XSS) via the file upload feature.
CVE-2021-40219 ↗	Apr 11, 2022Monday, 11 April 2022, 17:15	8.8 HIGH	6.5 MEDIUM
Bolt CMS <= 4.2 is vulnerable to Remote Code Execution. Unsafe theme rendering allows an authenticated attacker to edit theme to inject server-side template injection that leads to remote code execution.