Mara Cms Project Mara Cms — known CVE vulnerabilities
Every CVE whose affected-product data names Mara Cms Project Mara Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2021-36547 — CVSS 9.8 (critical): A remote code execution (RCE) vulnerability in the component /codebase/dir.php?type=filenew of Mara v7.5 allows attackers to execute…
CVE-2020-24223 — CVSS 6.1 (medium): Mara CMS 7.5 allows cross-site scripting (XSS) in contact.php via the theme or pagetheme parameters.
CVE-2020-25422 — CVSS 5.4 (medium): A cross site scripting (XSS) vulnerability in menuedit.php of Mara CMS 7.5 allows attackers to execute arbitrary web scripts or HTML via a…