Kkcms Project: Security Vulnerabilities
kkcms v1.3.7 was discovered to contain a SQL injection vulnerability via the cid parameter at /template/wapian/vlist.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-06-15
kkcms 1.3 has jx.php?url= XSS.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-09-27
kkcms v1.3 has a CSRF vulnerablity that can add an user account via admin/cms_user_add.php.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-09-23