Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-18422 | 1 Usualtool | 1 Usualtoolcms | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
| UsualToolCMS 8.0 allows CSRF for adding a user account via the cmsadmin/a_adminx.php?x=a URI. | |||||
| CVE-2018-20128 | 1 Usualtool | 1 Usualtoolcms | 2023-12-10 | 6.4 MEDIUM | 7.5 HIGH |
| An issue was discovered in UsualToolCMS v8.0. cmsadmin\a_sqlback.php allows remote attackers to delete arbitrary files via a backname[] directory-traversal pathname followed by a crafted substring. | |||||
| CVE-2019-6244 | 1 Usualtool | 1 Usualtoolcms | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in UsualToolCMS 8.0. cmsadmin/a_sqlbackx.php?t=sql allows CSRF attacks that can execute SQL statements, and consequently execute arbitrary PHP code by writing that code into a .php file. | |||||