This page lists publicly disclosed CVE vulnerabilities affecting thedigitalcraft atomcms (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-53975 | Atom CMS 2.0 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries through unvalidated parameters. Attackers can inject malicious SQL code in the 'id' parameter of the admin index page to execute time-based blind SQL injection attacks. | [email protected] | 9.3 | 0.40% | 2025-12-22 | 2026-06-17 |
| CVE-2022-28036 | AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_navigation.php | [email protected] | 9.8 | 1.43% | 2022-04-12 | 2026-06-17 |
| CVE-2022-28035 | Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_blur-save.php | [email protected] | 9.8 | 1.43% | 2022-04-12 | 2026-06-17 |
| CVE-2022-28034 | AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMS_admin_ajax_list-sort.php | [email protected] | 9.8 | 1.43% | 2022-04-12 | 2026-06-17 |
| CVE-2022-28033 | Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_uploads.php | [email protected] | 9.8 | 5.41% | 2022-04-12 | 2026-06-17 |
| CVE-2022-28032 | AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pages.php | [email protected] | 9.8 | 5.92% | 2022-04-12 | 2026-06-17 |
| CVE-2022-25489 | Atom CMS v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the "A" parameter in /widgets/debug.php. | [email protected] | 5.4 | 1.46% | 2022-03-15 | 2026-06-17 |
| CVE-2022-25488 | Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php. | [email protected] | 9.8 | 7.15% | 2022-03-15 | 2026-06-17 |
| CVE-2022-25487 | Atom CMS v2.0 was discovered to contain a remote code execution (RCE) vulnerability via /admin/uploads.php. | [email protected] | 9.8 | 54.77% | 2022-03-15 | 2026-06-17 |
| CVE-2022-24223 | AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php. | [email protected] | 9.8 | 61.97% | 2022-02-01 | 2026-06-17 |
| CVE-2014-4852 | SQL injection vulnerability in admin/uploads.php in The Digital Craft AtomCMS, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the id parameter. | [email protected] | 7.5 | 2.24% | 2014-07-10 | 2026-06-16 |