wdja wdja_cms CVE Vulnerabilities (4)

CVEs: 4 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting wdja wdja_cms (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 14 of 4 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2020-20982 Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php. [email protected] 9.6 31.95% 2021-11-03 2024-11-21
CVE-2020-21658 A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL. [email protected] 6.5 0.11% 2021-10-06 2024-11-21
CVE-2020-21648 WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in the component admin/cache/manage.php. [email protected] 9.1 0.36% 2021-10-06 2024-11-21
CVE-2020-23631 Cross-site request forgery (CSRF) in admin/global/manage.php in WDJA CMS 1.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via the tongji parameter. [email protected] 6.1 0.13% 2021-01-11 2024-11-21
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence