Every CVE whose affected-product data names Nuuo Nuuo Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2018-17894 — CVSS 9.8 (critical): NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard-coded passwords, which could allow an attacker…
CVE-2018-17890 — CVSS 9.8 (critical): NUUO CMS all versions 3.1 and prior, The application uses insecure and outdated software components for functionality, which could allow…
CVE-2018-17934 — CVSS 9.8 (critical): NUUO CMS All versions 3.3 and prior the application allows external input to construct a pathname that is able to be resolved outside the…
CVE-2018-17936 — CVSS 9.8 (critical): NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or overwrite configuration files…
CVE-2018-17888 — CVSS 9.8 (critical): NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow attackers to obtain the…
CVE-2018-17892 — CVSS 8.8 (high): NUUO CMS all versions 3.1 and prior, The application implements a method of user account control that causes standard account security…
CVE-2018-18982 — CVSS 8.8 (high): NUUO CMS All versions 3.3 and prior the web server application allows injection of arbitrary SQL characters, which can be used to inject…