Every CVE whose affected-product data names Orckestra C1 Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-39256 — CVSS 9.0 (critical): Orckestra C1 CMS is a .NET based Web Content Management System. A vulnerability in versions prior to 6.13 allows remote attackers to…
CVE-2019-18211 — CVSS 8.8 (high): An issue was discovered in Orckestra C1 CMS through 6.6. The EntityTokenSerializer class in Composite.dll is prone to unvalidated…
CVE-2021-34992 — CVSS 8.8 (high): This vulnerability allows remote attackers to execute arbitrary code on affected installations of Orckestra C1 CMS 6.10. Authentication is…
CVE-2022-24789 — CVSS 7.6 (high): C1 CMS is an open-source, .NET based Content Management System (CMS). Versions prior to 6.12 allow an authenticated user to exploit Server…