Every CVE whose affected-product data names Basic-cms Sweetrice, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2009-4231 — CVSS 7.5 (high): Directory traversal vulnerability in as/lib/plugins.php in SweetRice 0.5.3 and earlier allows remote attackers to include and execute…
CVE-2010-5317 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in index.php in SweetRice CMS before 0.6.7.1 allow remote attackers to execute arbitrary SQL…
CVE-2009-4224 — CVSS 6.8 (medium): Multiple PHP remote file inclusion vulnerabilities in SweetRice 0.5.4, 0.5.3, and earlier allow remote attackers to execute arbitrary PHP…
CVE-2011-3804 — CVSS 5.0 (medium): SweetRice 0.7.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation…
CVE-2010-5316 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to inject arbitrary web…
CVE-2010-5318 — CVSS 4.3 (medium): The password-reset feature in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to modify the administrator's password…