Generic Content Management System Project Generic Content Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Generic Content Management System Project Generic Content Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2018-20568 — CVSS 9.8 (critical): Administrator/index.php in Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 allows SQL injection for authentication…
CVE-2018-20569 — CVSS 9.8 (critical): user/index.php in Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 allows SQL injection for authentication bypass.
CVE-2018-20589 — CVSS 4.8 (medium): Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 has XSS via the Administrator/add_pictures.php article ID.
CVE-2018-20590 — CVSS 4.8 (medium): Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 has XSS via the Administrator/users.php user ID.