Every CVE whose affected-product data names Doorgets Doorgets Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2019-11616 — CVSS 9.8 (critical): doorGets 7.0 has a sensitive information disclosure vulnerability in /setup/temp/admin.php and /setup/temp/database.php. A remote…
CVE-2019-11618 — CVSS 9.8 (critical): doorGets 7.0 has a default administrator credential vulnerability. A remote attacker can use this vulnerability to gain administrator…
CVE-2019-11617 — CVSS 8.8 (high): doorGets 7.0 has a CSRF vulnerability in /doorgets/app/requests/user/configurationRequest.php. A remote attacker can exploit this…
CVE-2019-11615 — CVSS 8.8 (high): /fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload vulnerability. A remote normal registered user can use this…
CVE-2019-11609 — CVSS 8.2 (high): doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/movefile.php. A remote unauthenticated attacker can…
CVE-2019-11608 — CVSS 8.2 (high): doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/renamefile.php. A remote unauthenticated attacker can…
CVE-2019-11611 — CVSS 7.5 (high): doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/download.php. A remote unauthenticated attacker can…
CVE-2019-11612 — CVSS 7.5 (high): doorGets 7.0 has an arbitrary file deletion vulnerability in /fileman/php/deletefile.php. A remote unauthenticated attacker can exploit…
CVE-2019-11606 — CVSS 7.5 (high): doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copyfile.php. A remote unauthenticated attacker can…
CVE-2019-11614 — CVSS 7.5 (high): doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/commentView.php. A remote unauthorized attacker could exploit…
CVE-2019-11607 — CVSS 7.5 (high): doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copydir.php. A remote unauthenticated attacker can…
CVE-2019-11610 — CVSS 7.5 (high): doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/downloaddir.php. A remote unauthenticated attacker can…
CVE-2014-1459 — CVSS 6.5 (medium): SQL injection vulnerability in dg-admin/index.php in doorGets CMS 5.2 and earlier allows remote authenticated administrators to execute…
CVE-2019-11613 — CVSS 6.5 (medium): doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/contactView.php. A remote normal registered user could exploit…
CVE-2019-11626 — CVSS 5.3 (medium): routers/ajaxRouter.php in doorGets 7.0 has a web site physical path leakage vulnerability, as demonstrated by an ajax/index.php?uri=1234%5c…
CVE-2019-11620 — CVSS 4.9 (medium): doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/modulecategoryRequest.php. A remote background administrator…
CVE-2019-11621 — CVSS 4.9 (medium): doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=network. A remote…
CVE-2019-11622 — CVSS 4.9 (medium): doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/modulecategoryRequest.php. A remote background administrator…
CVE-2019-11619 — CVSS 4.9 (medium): doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=analytics. A remote…
CVE-2019-11624 — CVSS 4.9 (medium): doorGets 7.0 has an arbitrary file deletion vulnerability in /doorgets/app/requests/user/configurationRequest.php. A remote background…
CVE-2019-11625 — CVSS 4.9 (medium): doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/emailingRequest.php. A remote background administrator…
CVE-2019-11623 — CVSS 4.9 (medium): doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=siteweb. A remote…