Moderncampus Omni_cms

4 CVEs affecting Moderncampus Omni_cms. Latest disclosed: 2024-06-13. Critical: 1, High: 0.

Top CVEs affecting Moderncampus Omni_cms
CVESeverityScorePublishedSummary
CVE-2022-40766Critical9.82022-09-18Modern Campus Omni CMS (formerly OU Campus) 10.2.4 allows login-page SQL injection via a '" OR 1 = 1 -- - , <?php' substring.
CVE-2023-35859Medium6.12024-06-13A Reflected Cross-Site Scripting (XSS) vulnerability in the blog function of Modern Campus - Omni CMS 2023.1 allows a remote attacker to inject arbitrary scrip…
CVE-2023-35860Medium5.32024-06-13A Directory Traversal vulnerability in Modern Campus - Omni CMS 2023.1 allows a remote, unauthenticated attacker to enumerate file system information via the d…
CVE-2023-35858Medium5.32024-06-13XPath Injection vulnerabilities in the blog and RSS functions of Modern Campus - Omni CMS 2023.1 allow a remote, unauthenticated attacker to obtain application…