Aquila Cms

aquila-cms

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Aquilacms

aquilacms

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-48573 1Aquila Cms 1Aquilacms Apr 22, 2025 Oct 29, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A NoSQL injection vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to reset user and administrator account passwords via the "Reset password" feature.
CVE-2024-48572 1Aquila Cms 1Aquilacms Apr 22, 2025 Oct 29, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 A User enumeration vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to obtain email addresses via the "Add a user" feature. The vulnerability occurs due to insufficiently validated user inpu...Show more A User enumeration vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to obtain email addresses via the "Add a user" feature. The vulnerability occurs due to insufficiently validated user input being processed as a regular expression, which is then matched against email addresses to find duplicate entries.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-48573

1Aquila Cms

1Aquilacms

Apr 22, 2025

Oct 29, 2024

N/A· v4

9.8 CRITICAL· v3

N/A· v2

A NoSQL injection vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to reset user and administrator account passwords via the "Reset password" feature.

CVE-2024-48572