Ed01 Cms

ed01-cms

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-30890 1Ed01 Cms Project 1Ed01 Cms Jun 17, 2026 Apr 25, 2024 N/A· v4 4.7 MEDIUM· v3 N/A· v2 Cross Site Scripting vulnerability in ED01-CMS v.1.0 allows an attacker to obtain sensitive information via the categories.php component.
CVE-2022-28525 1Ed01 Cms Project 1Ed01 Cms Jun 17, 2026 Apr 26, 2022 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 ED01-CMS v20180505 was discovered to contain an arbitrary file upload vulnerability via /admin/users.php?source=edit_user&id=1.
CVE-2022-28524 1Ed01 Cms Project 1Ed01 Cms Jun 17, 2026 Apr 26, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 ED01-CMS v20180505 was discovered to contain a SQL injection vulnerability via the component post.php.
CVE-2020-18262 1Ed01 Cms Project 1Ed01 Cms Jun 17, 2026 Nov 3, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 ED01-CMS v1.0 was discovered to contain a SQL injection in the component cposts.php via the cid parameter.
CVE-2020-18261 1Ed01 Cms Project 1Ed01 Cms Jun 17, 2026 Nov 3, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An arbitrary file upload vulnerability in the image upload function of ED01-CMS v1.0 allows attackers to execute arbitrary commands.
CVE-2020-18259 1Ed01 Cms Project 1Ed01 Cms Jun 17, 2026 Nov 3, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting (XSS) vulnerability in the component sposts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payloa...Show more ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting (XSS) vulnerability in the component sposts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Post title or Post content fields.Show less