Every CVE whose affected-product data names Arcms Project Arcms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2018-19557 — CVSS 9.8 (critical): An issue was discovered in arcms through 2018-03-19. No authentication is required for index/main, user/useradd, or img/images.
CVE-2018-19558 — CVSS 9.8 (critical): An issue was discovered in arcms through 2018-03-19. SQL injection exists via the json/newslist limit parameter because of…