Openrapid

Rapidcms

17 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2026-38930

  • EPSS 0.32%
  • Veröffentlicht 27.05.2026 00:00:00
  • Zuletzt bearbeitet 28.05.2026 17:16:21

OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication bypass in the /template/default/menu.php component. This vulnerability is exploited via injecting a crafted SQL payload into the name cookie parameter.

6.1

CVE-2025-64047

  • EPSS 0.16%
  • Veröffentlicht 24.11.2025 00:00:00
  • Zuletzt bearbeitet 02.12.2025 03:07:14

OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /user/user-move.php.

6.1

CVE-2025-64046

  • EPSS 0.16%
  • Veröffentlicht 17.11.2025 00:00:00
  • Zuletzt bearbeitet 19.11.2025 13:11:59

OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /system/update-run.php.

9.8

CVE-2024-45771

Exploit
  • EPSS 0.49%
  • Veröffentlicht 06.09.2024 22:15:02
  • Zuletzt bearbeitet 22.04.2025 14:03:43

RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the password parameter at /resource/runlogin.php.

9.8

CVE-2024-44839

Exploit
  • EPSS 0.49%
  • Veröffentlicht 06.09.2024 22:15:02
  • Zuletzt bearbeitet 22.04.2025 14:03:59

RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the articleid parameter at /default/article.php.

9.8

CVE-2024-44838

Exploit
  • EPSS 0.5%
  • Veröffentlicht 06.09.2024 22:15:02
  • Zuletzt bearbeitet 22.04.2025 14:04:24

RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the username parameter at /resource/runlogin.php.

9.8

CVE-2024-8335

Exploit
  • EPSS 0.59%
  • Veröffentlicht 30.08.2024 13:15:13
  • Zuletzt bearbeitet 19.09.2024 15:31:21

A vulnerability classified as critical has been found in OpenRapid RapidCMS up to 1.3.1. Affected is an unknown function of the file /resource/runlogon.php. The manipulation of the argument username leads to sql injection. It is possible to launch th...

9.8

CVE-2024-8331

Exploit
  • EPSS 0.58%
  • Veröffentlicht 30.08.2024 11:15:15
  • Zuletzt bearbeitet 03.09.2024 14:25:51

A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been classified as critical. This affects an unknown part of the file /admin/user/user-move-run.php. The manipulation of the argument username leads to sql injection. It is possible ...

8.8

CVE-2023-5262

Exploit
  • EPSS 0.64%
  • Veröffentlicht 29.09.2023 14:15:11
  • Zuletzt bearbeitet 21.11.2024 08:41:24

A vulnerability has been found in OpenRapid RapidCMS 1.3.1 and classified as critical. Affected by this vulnerability is the function isImg of the file /admin/config/uploadicon.php. The manipulation of the argument fileName leads to unrestricted uplo...

9.8

CVE-2023-5258

Exploit
  • EPSS 0.6%
  • Veröffentlicht 29.09.2023 12:15:13
  • Zuletzt bearbeitet 21.11.2024 08:41:23

A vulnerability classified as critical has been found in OpenRapid RapidCMS 1.3.1. This affects an unknown part of the file /resource/addgood.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remot...