Shodan
Vulnerabilities
Vulnerable Software
Cmswing:  >> Cmswing  >> 1.3.7  Security Vulnerabilities
CVE-2021-43735
CmsWing 1.3.7 is affected by a SQLi vulnerability via parameter: behavior rule.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-03-23
CVE-2021-43736
CmsWing CMS 1.3.7 is affected by a Remote Code Execution (RCE) vulnerability via parameter: log rule
CVSS Score
9.8
EPSS Score
0.029
Published
2022-03-23
CVE-2020-24992
There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability (stored XSS) is triggered when an administrator accesses the content management module.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-05-17
CVE-2020-24993
There is a cross site scripting vulnerability on CmsWing 1.3.7. This vulnerability (stored XSS) is triggered when visitors access the article module.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-05-17
CVE-2019-7649
global.encryptPassword in bootstrap/global.js in CMSWing 1.3.7 relies on multiple MD5 operations for password hashing.
CVSS Score
7.5
EPSS Score
0.001
Published
2019-02-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved