CVE-2019-25697
- EPSS 0.07%
- Veröffentlicht 12.04.2026 12:28:48
- Zuletzt bearbeitet 17.04.2026 16:41:44
CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cat_id parameter. Attackers can send GET requests to category.php with malicious cat_id values ...
CVE-2019-25682
- EPSS 0.01%
- Veröffentlicht 05.04.2026 20:45:31
- Zuletzt bearbeitet 09.04.2026 19:31:50
CMSsite 1.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting crafted pages that s...
CVE-2019-25674
- EPSS 0.24%
- Veröffentlicht 05.04.2026 20:45:26
- Zuletzt bearbeitet 09.04.2026 19:36:36
CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'post' parameter. Attackers can send GET requests to post.php with malicious 'post' values to e...