Engineercms_project Engineercms
3 CVEs affecting Engineercms_project Engineercms. Latest disclosed: 2025-05-13. Critical: 2, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-44831 | Critical | 9.8 | 2025-05-13 | EngineerCMS v1.02 through v2.0.5 has a SQL injection vulnerability in the /project/addproject interface. |
CVE-2025-44830 | Critical | 9.8 | 2025-05-12 | EngineerCMS v1.02 through v.2.0.5 has a SQL injection vulnerability in the /project/addprojtemplet interface. |
CVE-2021-36605 | Medium | 5.4 | 2021-07-30 | engineercms 1.03 is vulnerable to Cross Site Scripting (XSS). There is no escaping in the nickname field on the user list page. When viewing this page, the Jav… |