kitesky kitecms CVE Vulnerabilities (9)

CVEs: 9 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting kitesky kitecms (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 19 of 9 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2021-3267 File Upload vulnerability found in KiteCMS v.1.1 allows a remote attacker to execute arbitrary code via the uploadFile function. [email protected] 7.2 1.26% 2023-04-04 2026-06-17
CVE-2021-31707 Permissions vulnerability found in KiteCMS allows a remote attacker to execute arbitrary code via the upload file type. [email protected] 9.8 1.26% 2023-04-04 2026-06-16
CVE-2020-20522 Cross Site Scripting vulnerability found in KiteCMS v.1.1 allows a remote attacker to execute arbitrary code via the registering user parameter. [email protected] 6.1 0.56% 2023-04-04 2026-06-16
CVE-2020-20521 Cross Site Scripting vulnerability found in KiteCMS v.1.1 allows a remote attacker to execute arbitrary code via the comment parameter. [email protected] 6.1 0.56% 2023-04-04 2026-06-16
CVE-2021-36546 Incorrect Access Control issue discovered in KiteCMS 1.1 allows remote attackers to view sensitive information via path in application URL. [email protected] 7.5 0.89% 2023-02-03 2026-06-16
CVE-2022-28445 KiteCMS v1.1.1 was discovered to contain an arbitrary file read vulnerability via the background management module. [email protected] 6.5 1.02% 2022-04-21 2026-06-17
CVE-2020-20672 An arbitrary file upload vulnerability in /admin/upload/uploadfile of KiteCMS V1.1 allows attackers to getshell via a crafted PHP file. [email protected] 7.8 0.85% 2021-09-13 2026-06-16
CVE-2020-20671 A cross-site request forgery (CSRF) in KiteCMS V1.1 allows attackers to arbitrarily add an administrator account. [email protected] 8.8 0.54% 2021-09-13 2026-06-16
CVE-2021-31731 A directory traversal issue in KiteCMS 1.1.1 allows remote administrators to overwrite arbitrary files via ../ in the path parameter to index.php/admin/Template/fileedit, with PHP code in the html parameter. [email protected] 6.5 1.32% 2021-08-12 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence