9.8CVSS
9.4AI Score
0.002EPSS
CmsWing CMS 1.3.7 is affected by a Remote Code Execution (RCE) vulnerability via parameter: log...
9.8CVSS
9.7AI Score
0.006EPSS
There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability (stored XSS) is triggered when an administrator accesses the content management...
5.4CVSS
5.3AI Score
0.001EPSS
There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability (stored XSS) is triggered when visitors access the article...
5.4CVSS
5.3AI Score
0.001EPSS
An issue was found in CMSWing project version 1.3.8. Because the log function does not check the log parameter, malicious parameters can execute arbitrary...
9.8CVSS
9.6AI Score
0.004EPSS
An issue was found in CMSWing project version 1.3.8. Because the updateAction function does not check the detail parameter, malicious parameters can execute arbitrary SQL...
9.8CVSS
9.8AI Score
0.004EPSS
An issue was found in CMSWing project version 1.3.8, Because the rechargeAction function does not check the balance parameter, malicious parameters can execute arbitrary SQL...
9.8CVSS
9.8AI Score
0.004EPSS
global.encryptPassword in bootstrap/global.js in CMSWing 1.3.7 relies on multiple MD5 operations for password...
7.5CVSS
7.6AI Score
0.004EPSS