ayacms_project CVE 脆弱性と CVE 一覧（9）

製品（CPE）: — CVE 件数: 9

ayacms_project 脆弱性概要

ayacms_project 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

公開された問題は vendor risk csrf に関連することが多く、vendor surface production workloads and vendor surface software deployment の文脈でファイル上書きなどの暴露リスクを伴う場合があります。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移（直近24か月）

CVE	概要	ソース	CVSS 最大値	EPSS（%）	公開	更新
CVE-2022-48116	AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/tpl_edit.inc.php.	[email protected]	7.2	4.25%	2023-01-27	2025-03-28
CVE-2022-47926	AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php	[email protected]	9.8	0.45%	2022-12-22	2025-04-15
CVE-2022-46102	AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/admin/fst_down.inc.php	[email protected]	9.8	0.34%	2022-12-22	2025-04-15
CVE-2022-46101	AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting malicious code.	[email protected]	8.8	1.15%	2022-12-22	2025-04-15
CVE-2022-45550	AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE).	[email protected]	9.8	3.16%	2022-12-07	2025-04-23
CVE-2022-45548	AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability.	[email protected]	8.8	0.35%	2022-12-06	2025-04-23
CVE-2022-43074	AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.	[email protected]	9.8	0.76%	2022-11-10	2025-05-01
CVE-2021-44238	AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE) via /aya/module/admin/ust_tab_e.inc.php,	[email protected]	7.2	2.76%	2022-03-01	2024-11-21
CVE-2020-23686	Cross site request forgery (CSRF) vulnerability in AyaCMS 3.1.2 allows attackers to change an administrators password or other unspecified impacts.	[email protected]	8.8	0.22%	2021-11-02	2024-11-21

cvelogic Threat Intelligence