Vulnerabilities (CVE)

Filtered by vendor Skycaiji Subscribe
Filtered by product Skycaiji
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-6252 1 Skycaiji 1 Skycaiji 2024-11-21 3.3 LOW 2.4 LOW
A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Task Handler. The manipulation of the argument onerror leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-269419.
CVE-2024-39242 1 Skycaiji 1 Skycaiji 2024-11-21 N/A 6.1 MEDIUM
A cross-site scripting (XSS) vulnerability in skycaiji v2.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload using eval(String.fromCharCode()).
CVE-2024-39241 1 Skycaiji 1 Skycaiji 2024-11-21 N/A 6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability in skycaiji 2.8 allows attackers to run arbitrary code via /admin/tool/preview.
CVE-2023-33394 1 Skycaiji 1 Skycaiji 2024-11-21 N/A 5.4 MEDIUM
skycaiji v2.5.4 is vulnerable to Cross Site Scripting (XSS). Attackers can achieve backend XSS by deploying malicious JSON data.
CVE-2022-44351 1 Skycaiji 1 Skycaiji 2024-11-21 N/A 9.8 CRITICAL
Skycaiji v2.5.1 was discovered to contain a deserialization vulnerability via /SkycaijiApp/admin/controller/Mystore.php.
CVE-2022-28096 1 Skycaiji 1 Skycaiji 2024-11-21 6.5 MEDIUM 7.2 HIGH
Skycaiji v2.4 was discovered to contain a remote code execution (RCE) vulnerability via /SkycaijiApp/admin/controller/Develop.php.
CVE-2020-18878 1 Skycaiji 1 Skycaiji 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Directory Traversal in Skycaiji v1.3 allows remote attackers to obtain sensitive information via the component 'index.php?m=admin&c=Tool&a=log&file=D%3A%5CphpStudy%5CWWW%5Cindex.php'.
CVE-2018-11371 1 Skycaiji 1 Skycaiji 2024-11-21 6.8 MEDIUM 8.8 HIGH
SkyCaiji 1.2 allows CSRF to add an Administrator user.