SQL injection vulnerability in admin/uploads.php in The Digital Craft AtomCMS, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the id parameter.
8.7AI Score
0.001EPSS
AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php.
9.8CVSS
9.7AI Score
0.35EPSS
Atom CMS v2.0 was discovered to contain a remote code execution (RCE) vulnerability via /admin/uploads.php.
9.8CVSS
9.8AI Score
0.836EPSS
Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php.
9.8CVSS
9.8AI Score
0.017EPSS
Atom CMS v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the "A" parameter in /widgets/debug.php.
5.4CVSS
5.3AI Score
0.001EPSS
9.8CVSS
9.8AI Score
0.016EPSS
9.8CVSS
9.8AI Score
0.002EPSS
9.8CVSS
9.8AI Score
0.002EPSS
9.8CVSS
9.8AI Score
0.002EPSS
9.8CVSS
9.8AI Score
0.002EPSS