Njtech Greencms

11 CVEs affecting Njtech Greencms. Latest disclosed: 2026-03-21. Critical: 0, High: 6.

Top CVEs affecting Njtech Greencms
CVESeverityScorePublishedSummary
CVE-2018-11671High8.82018-06-01An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that can add an admin account via index.php?m=admin&c=access&a=adduserhandle.
CVE-2018-11670High8.82018-06-01An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to i…
CVE-2022-28918High8.12022-04-26GreenCMS v2.3.0603 was discovered to contain an arbitrary file deletion vulnerability via /index.php?m=admin&c=custom&a=plugindelhandle&plugin_name=.
CVE-2020-21366High8.02023-06-20Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of index.php.
CVE-2018-12604High7.52018-06-20GreenCMS 2.3.0603 allows remote attackers to obtain sensitive information via a direct request for Data/Log/year_month_day.log.
CVE-2019-25573High7.12026-03-21Green CMS 2.x contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through…
CVE-2019-25574Medium6.52026-03-21Green CMS 2.x contains a path traversal vulnerability that allows authenticated attackers to download arbitrary files and directories by injecting directory tr…
CVE-2025-9415Medium6.32025-08-25A vulnerability was identified in GreenCMS up to 2.3.0603. This affects an unknown part of the file /index.php?m=admin&c=media&a=fileconnect. The manipulation…
CVE-2024-22570Medium5.42024-01-29A stored cross-site scripting (XSS) vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts…
CVE-2025-15187Low3.82025-12-29A vulnerability was found in GreenCMS up to 2.3. This affects an unknown part of the file /DataController.class.php of the component File Handler. Performing a…
CVE-2025-14244Low2.42025-12-08A flaw has been found in GreenCMS 2.3.0603. Affected by this issue is some unknown functionality of the file /Admin/Controller/CustomController.class.php of th…