Thedigitalcraft: >> Atomcms >> 2.0 Security Vulnerabilities
Atom CMS 2.0 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries through unvalidated parameters. Attackers can inject malicious SQL code in the 'id' parameter of the admin index page to execute time-based blind SQL injection attacks.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-12-22
AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pages.php
CVSS Score
9.8
EPSS Score
0.468
Published
2022-04-12
Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_uploads.php
CVSS Score
9.8
EPSS Score
0.584
Published
2022-04-12
AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMS_admin_ajax_list-sort.php
CVSS Score
9.8
EPSS Score
0.005
Published
2022-04-12
Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_blur-save.php
CVSS Score
9.8
EPSS Score
0.005
Published
2022-04-12
AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_navigation.php
CVSS Score
9.8
EPSS Score
0.005
Published
2022-04-12
Atom CMS v2.0 was discovered to contain a remote code execution (RCE) vulnerability via /admin/uploads.php.
CVSS Score
9.8
EPSS Score
0.847
Published
2022-03-15
Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php.
CVSS Score
9.8
EPSS Score
0.728
Published
2022-03-15
Atom CMS v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the "A" parameter in /widgets/debug.php.
CVSS Score
5.4
EPSS Score
0.051
Published
2022-03-15
AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php.
CVSS Score
9.8
EPSS Score
0.651
Published
2022-02-01
Page 1