Vulnerabilities (CVE)

Filtered by vendor Thedigitalcraft Subscribe
Total 10 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-28036 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_navigation.php
CVE-2022-28035 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_blur-save.php
CVE-2022-28034 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMS_admin_ajax_list-sort.php
CVE-2022-28033 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_uploads.php
CVE-2022-28032 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pages.php
CVE-2022-25489 1 Thedigitalcraft 1 Atomcms 2024-11-21 3.5 LOW 5.4 MEDIUM
Atom CMS v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the "A" parameter in /widgets/debug.php.
CVE-2022-25488 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php.
CVE-2022-25487 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
Atom CMS v2.0 was discovered to contain a remote code execution (RCE) vulnerability via /admin/uploads.php.
CVE-2022-24223 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php.
CVE-2014-4852 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in admin/uploads.php in The Digital Craft AtomCMS, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the id parameter.