Doyocms Project Doyocms — known CVE vulnerabilities
Every CVE whose affected-product data names Doyocms Project Doyocms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2020-19802 — CVSS 9.8 (critical): File Upload vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the upload file type…
CVE-2021-26739 — CVSS 9.8 (critical): SQL Injection vulnerability in pay.php in millken doyocms 2.3, allows attackers to execute arbitrary code, via the attribute parameter.
CVE-2021-26740 — CVSS 9.8 (critical): Arbitrary file upload vulnerability sysupload.php in millken doyocms 2.3 allows attackers to execute arbitrary code.
CVE-2020-19803 — CVSS 8.8 (high): Cross Site Request Forgery vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the…