Iss-oberlausitz Bluepage Cms — known CVE vulnerabilities
Every CVE whose affected-product data names Iss-oberlausitz Bluepage Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-38922 — CVSS 9.8 (critical): BluePage CMS thru 3.9 processes an insufficiently sanitized HTTP Header Cookie value allowing MySQL Injection in the 'users-cookie-settings'…
CVE-2022-38923 — CVSS 9.8 (critical): BluePage CMS thru v3.9 processes an insufficiently sanitized HTTP Header allowing MySQL Injection in the 'User-Agent' field using a…
CVE-2008-6039 — CVSS 6.8 (medium): Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID…
CVE-2008-6027 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in index.php in BLUEPAGE CMS 2.5 and earlier allow remote attackers to inject arbitrary…