Every CVE whose affected-product data names Lkw199711 Smanga, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2025-70831 — CVSS 9.8 (critical): A Remote Code Execution (RCE) vulnerability was found in Smanga 3.2.7 in the /php/path/rescan.php interface. The application fails to…
CVE-2025-70833 — CVSS 9.4 (critical): An Authentication Bypass vulnerability in Smanga 3.2.7 allows an unauthenticated attacker to reset the password of any user (including the…
CVE-2024-34193 — CVSS 7.5 (high): smanga 3.2.7 does not filter the file parameter at the PHP/get file flow.php interface, resulting in a path traversal vulnerability that…