Victoralagwu Cmssite
7 CVEs affecting Victoralagwu Cmssite. Latest disclosed: 2026-04-12. Critical: 0, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-37073 | High | 8.8 | 2026-02-03 | Victor CMS 1.0 contains an authenticated file upload vulnerability that allows administrators to upload PHP files with arbitrary content through the user_image… |
CVE-2020-36942 | High | 8.8 | 2026-01-27 | Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the profile image upload feature. Att… |
CVE-2019-25697 | High | 8.2 | 2026-04-12 | CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cat_… |
CVE-2019-25674 | High | 8.2 | 2026-04-05 | CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pos… |
CVE-2020-37076 | High | 8.2 | 2026-02-03 | Victor CMS version 1.0 contains a SQL injection vulnerability in the 'post' parameter on post.php that allows remote attackers to manipulate database queries… |
CVE-2020-37072 | High | 7.2 | 2026-02-03 | Victor CMS 1.0 contains a stored cross-site scripting vulnerability in the 'comment_author' POST parameter that allows attackers to inject malicious scripts. A… |
CVE-2019-25682 | Medium | 4.3 | 2026-04-05 | CMSsite 1.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious HTML… |