Thedigitalcraft: >> Atomcms Security Vulnerabilities
Atom CMS 2.0 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries through unvalidated parameters. Attackers can inject malicious SQL code in the 'id' parameter of the admin index page to execute time-based blind SQL injection attacks.
CVSS Score
9.3
EPSS Score
0.004
Published
2025-12-22
AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pages.php
CVSS Score
9.8
EPSS Score
0.06
Published
2022-04-12
Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_uploads.php
CVSS Score
9.8
EPSS Score
0.055
Published
2022-04-12
AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMS_admin_ajax_list-sort.php
CVSS Score
9.8
EPSS Score
0.014
Published
2022-04-12
Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_blur-save.php
CVSS Score
9.8
EPSS Score
0.014
Published
2022-04-12
AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_navigation.php
CVSS Score
9.8
EPSS Score
0.014
Published
2022-04-12
Atom CMS v2.0 was discovered to contain a remote code execution (RCE) vulnerability via /admin/uploads.php.
CVSS Score
9.8
EPSS Score
0.548
Published
2022-03-15
Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php.
CVSS Score
9.8
EPSS Score
0.071
Published
2022-03-15
Atom CMS v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the "A" parameter in /widgets/debug.php.
CVSS Score
5.4
EPSS Score
0.015
Published
2022-03-15
AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php.
CVSS Score
9.8
EPSS Score
0.62
Published
2022-02-01
Page 1