Vulnerabilities (CVE)

Filtered by vendor Doyocms Project Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-19802 1 Doyocms Project 1 Doyocms 2024-02-28 N/A 9.8 CRITICAL
File Upload vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the upload file type parameter.
CVE-2020-19803 1 Doyocms Project 1 Doyocms 2024-02-28 N/A 8.8 HIGH
Cross Site Request Forgery vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the background system settings.
CVE-2021-26739 1 Doyocms Project 1 Doyocms 2024-02-28 7.5 HIGH 9.8 CRITICAL
SQL Injection vulnerability in pay.php in millken doyocms 2.3, allows attackers to execute arbitrary code, via the attribute parameter.
CVE-2021-26740 1 Doyocms Project 1 Doyocms 2024-02-28 7.5 HIGH 9.8 CRITICAL
Arbitrary file upload vulnerability sysupload.php in millken doyocms 2.3 allows attackers to execute arbitrary code.