Bagesoft: >> Bagecms >> 3.1.0 Security Vulnerabilities
A stored cross-site scripting (XSS) vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-07-06
upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter.
CVSS Score
7.2
EPSS Score
0.002
Published
2019-02-17