Doyocms Project

doyocms_project

4 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-19803 1Doyocms Project 1Doyocms Jun 17, 2026 Apr 11, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross Site Request Forgery vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the background system settings.
CVE-2020-19802 1Doyocms Project 1Doyocms Jun 17, 2026 Apr 11, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 File Upload vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the upload file type parameter.
CVE-2021-26740 1Doyocms Project 1Doyocms Jun 17, 2026 Nov 1, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Arbitrary file upload vulnerability sysupload.php in millken doyocms 2.3 allows attackers to execute arbitrary code.
CVE-2021-26739 1Doyocms Project 1Doyocms Jun 17, 2026 Nov 1, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 SQL Injection vulnerability in pay.php in millken doyocms 2.3, allows attackers to execute arbitrary code, via the attribute parameter.