Dcat Admin

dcat_admin

Vendor: Dcatadmin • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-65656 1Dcatadmin 1Dcat Admin Dec 3, 2025 Dec 2, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php.
CVE-2025-0709 1Dcatadmin 1Dcat Admin May 7, 2025 Jan 24, 2025 5.1 MEDIUM· v4 4.8 MEDIUM· v3 3.3 LOW· v2 A vulnerability was found in Dcat-Admin 2.2.1-beta. It has been rated as problematic. This issue affects some unknown processing of the file /admin/auth/roles of the component Roles Page. The manipulation leads to cross...Show more A vulnerability was found in Dcat-Admin 2.2.1-beta. It has been rated as problematic. This issue affects some unknown processing of the file /admin/auth/roles of the component Roles Page. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-54775 1Dcatadmin 1Dcat Admin Apr 22, 2025 Dec 27, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting (XSS) vulnerability via /admin/auth/menu and /admin/auth/extensions.
CVE-2024-54774 1Dcatadmin 1Dcat Admin Apr 21, 2025 Dec 27, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Dcat Admin v2.2.0-beta contains a cross-site scripting (XSS) vulnerability in /admin/articles/create.
CVE-2024-29644 1Dcatadmin 1Dcat Admin Apr 30, 2025 Mar 26, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before allows a remote attacker to execute arbitrary code via a crafted script to the user login box.
CVE-2023-33736 1Dcatadmin 1Dcat Admin Jan 10, 2025 May 31, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A stored cross-site scripting (XSS) vulnerability in Dcat-Admin v2.1.3-beta allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL parameter.