Every CVE whose affected-product data names Acidcat Acidcat Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2008-1993 — CVSS 7.5 (high): Acidcat CMS 3.4.1 does not restrict access to the FCKEditor component, which allows remote attackers to upload arbitrary files.
CVE-2008-1992 — CVSS 7.5 (high): Acidcat CMS 3.4.1 does not properly restrict access to (1) default_mail_aspemail.asp, (2) default_mail_cdosys.asp or (3)…
CVE-2008-1990 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in Acidcat CMS 3.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) cID…
CVE-2010-0976 — CVSS 7.5 (high): Acidcat CMS 3.5.x does not prevent access to install.asp after installation finishes, which might allow remote attackers to restart the…
CVE-2010-0984 — CVSS 5.0 (medium): Acidcat CMS 3.5.3 and earlier stores sensitive information under the web root with insufficient access control, which allows remote…
CVE-2008-1991 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in admin_colors_swatch.asp in Acidcat CMS 3.4.1 allows remote attackers to inject arbitrary web…