CVE-2022-25411 — CVSS 9.8 (critical): A Remote Code Execution (RCE) vulnerability at /admin/options in Maxsite CMS v180 allows attackers to execute arbitrary code via a crafted…
CVE-2022-25412 — CVSS 8.1 (high): Maxsite CMS v180 was discovered to contain multiple arbitrary file deletion vulnerabilities in /admin_page/all-files-update-ajax.php via…
CVE-2026-3395 — CVSS 7.3 (high): A flaw has been found in MaxSite CMS up to 109.1. This impacts the function eval of the file application/maxsite/admin/plugins/editor_markit…
CVE-2025-12346 — CVSS 6.3 (medium): A vulnerability was detected in MaxSite CMS up to 109. This vulnerability affects unknown code of the file application/maxsite/admin/plugins…
CVE-2025-12347 — CVSS 6.3 (medium): A flaw has been found in MaxSite CMS up to 109. This issue affects some unknown processing of the file application/maxsite/admin/plugins/edi…
CVE-2022-25413 — CVSS 5.4 (medium): Maxsite CMS v108 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the parameter f_tags at /admin/page_edit/3.
CVE-2022-25410 — CVSS 5.4 (medium): Maxsite CMS v180 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the parameter f_file_description at…