Company Website Cms

company_website_cms

Vendor: Torrahclef • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-13561 1Torrahclef 1Company Website Cms Apr 29, 2026 Nov 23, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was determined in SourceCodester Company Website CMS 1.0. This vulnerability affects unknown code of the file /admin/index.php. This manipulation of the argument Username causes sql injection. Remote expl...Show more A vulnerability was determined in SourceCodester Company Website CMS 1.0. This vulnerability affects unknown code of the file /admin/index.php. This manipulation of the argument Username causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.Show less
CVE-2025-13560 1Torrahclef 1Company Website Cms Apr 29, 2026 Nov 23, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was found in SourceCodester Company Website CMS 1.0. This affects an unknown part of the file /admin/reset-password.php. The manipulation of the argument email results in sql injection. The attack may be...Show more A vulnerability was found in SourceCodester Company Website CMS 1.0. This affects an unknown part of the file /admin/reset-password.php. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used.Show less
CVE-2025-29710 1Torrahclef 1Company Website Cms Apr 23, 2025 Apr 16, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 SourceCodester Company Website CMS 1.0 is vulnerable to Cross Site Scripting (XSS) via /dashboard/Services.
CVE-2025-29709 1Torrahclef 1Company Website Cms Apr 23, 2025 Apr 16, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 SourceCodester Company Website CMS 1.0 has a File upload vulnerability via the "Create portfolio" file /dashboard/portfolio.
CVE-2025-29708 1Torrahclef 1Company Website Cms Apr 23, 2025 Apr 16, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 SourceCodester Company Website CMS 1.0 contains a file upload vulnerability via the "Create Services" file /dashboard/Services.