Moderncampus Omni_cms
4 CVEs affecting Moderncampus Omni_cms. Latest disclosed: 2024-06-13. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-40766 | Critical | 9.8 | 2022-09-18 | Modern Campus Omni CMS (formerly OU Campus) 10.2.4 allows login-page SQL injection via a '" OR 1 = 1 -- - , <?php' substring. |
CVE-2023-35859 | Medium | 6.1 | 2024-06-13 | A Reflected Cross-Site Scripting (XSS) vulnerability in the blog function of Modern Campus - Omni CMS 2023.1 allows a remote attacker to inject arbitrary scrip… |
CVE-2023-35860 | Medium | 5.3 | 2024-06-13 | A Directory Traversal vulnerability in Modern Campus - Omni CMS 2023.1 allows a remote, unauthenticated attacker to enumerate file system information via the d… |
CVE-2023-35858 | Medium | 5.3 | 2024-06-13 | XPath Injection vulnerabilities in the blog and RSS functions of Modern Campus - Omni CMS 2023.1 allow a remote, unauthenticated attacker to obtain application… |