Ayacms Project: >> Ayacms Security Vulnerabilities
AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/tpl_edit.inc.php.
CVSS Score
7.2
EPSS Score
0.01
Published
2023-01-27
AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting malicious code.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-12-22
AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/admin/fst_down.inc.php
CVSS Score
9.8
EPSS Score
0.001
Published
2022-12-22
AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php
CVSS Score
9.8
EPSS Score
0.001
Published
2022-12-22
AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE).
CVSS Score
9.8
EPSS Score
0.012
Published
2022-12-07
AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-12-06
AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-11-10
AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE) via /aya/module/admin/ust_tab_e.inc.php,
CVSS Score
7.2
EPSS Score
0.028
Published
2022-03-01
Cross site request forgery (CSRF) vulnerability in AyaCMS 3.1.2 allows attackers to change an administrators password or other unspecified impacts.
CVSS Score
8.8
EPSS Score
0.002
Published
2021-11-02