Every CVE whose affected-product data names Cim Project Cim, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2019-7692 — CVSS 9.8 (critical): install/install.php in CIM 0.9.3 allows remote attackers to execute arbitrary PHP code via a crafted prefix value because of configuration…
CVE-2018-20614 — CVSS 7.5 (high): public\install\install.php in CIM 0.9.3 allows remote attackers to reload the product via the public/install/#/step3 URI.