Every CVE whose affected-product data names Pastel Pastelcms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2009-1404 — CVSS 6.8 (medium): SQL injection vulnerability in admin.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allows remote attackers to execute…
CVE-2009-1405 — CVSS 6.8 (medium): Directory traversal vulnerability in index.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allows remote attackers to include…