ayacms_project ayacms CVE Vulnerabilities (9)

CVEs: 9 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting ayacms_project ayacms (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

CVE	Summary	Source	Max CVSS	EPSS %	Published	Updated
CVE-2022-48116	AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/tpl_edit.inc.php.	[email protected]	7.2	4.25%	2023-01-27	2025-03-28
CVE-2022-47926	AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php	[email protected]	9.8	0.45%	2022-12-22	2025-04-15
CVE-2022-46102	AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/admin/fst_down.inc.php	[email protected]	9.8	0.34%	2022-12-22	2025-04-15
CVE-2022-46101	AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by inserting malicious code.	[email protected]	8.8	1.15%	2022-12-22	2025-04-15
CVE-2022-45550	AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE).	[email protected]	9.8	3.16%	2022-12-07	2025-04-23
CVE-2022-45548	AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability.	[email protected]	8.8	0.35%	2022-12-06	2025-04-23
CVE-2022-43074	AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.	[email protected]	9.8	0.76%	2022-11-10	2025-05-01
CVE-2021-44238	AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE) via /aya/module/admin/ust_tab_e.inc.php,	[email protected]	7.2	2.76%	2022-03-01	2024-11-21
CVE-2020-23686	Cross site request forgery (CSRF) vulnerability in AyaCMS 3.1.2 allows attackers to change an administrators password or other unspecified impacts.	[email protected]	8.8	0.22%	2021-11-02	2024-11-21

cvelogic Threat Intelligence