Every CVE whose affected-product data names Skycaiji, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2024-39243 — CVSS 9.8 (critical): An issue discovered in skycaiji 2.8 allows attackers to run arbitrary code via crafted POST request to /index.php?s=/admin/develop/editor_sa…
CVE-2022-44351 — CVSS 9.8 (critical): Skycaiji v2.5.1 was discovered to contain a deserialization vulnerability via /SkycaijiApp/admin/controller/Mystore.php.
CVE-2022-28096 — CVSS 7.2 (high): Skycaiji v2.4 was discovered to contain a remote code execution (RCE) vulnerability via /SkycaijiApp/admin/controller/Develop.php.
CVE-2025-1799 — CVSS 6.3 (medium): A vulnerability, which was classified as critical, was found in Zorlan SkyCaiji 2.9. This affects the function previewAction of the file…
CVE-2025-1791 — CVSS 6.3 (medium): A vulnerability has been found in Zorlan SkyCaiji 2.9 and classified as critical. This vulnerability affects the function fileAction of the…
CVE-2024-39242 — CVSS 6.1 (medium): A cross-site scripting (XSS) vulnerability in skycaiji v2.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload…
CVE-2024-39241 — CVSS 6.1 (medium): Cross Site Scripting (XSS) vulnerability in skycaiji 2.8 allows attackers to run arbitrary code via /admin/tool/preview.
CVE-2023-33394 — CVSS 5.4 (medium): skycaiji v2.5.4 is vulnerable to Cross Site Scripting (XSS). Attackers can achieve backend XSS by deploying malicious JSON data.
CVE-2020-18878 — CVSS 5.3 (medium): Directory Traversal in Skycaiji v1.3 allows remote attackers to obtain sensitive information via the component 'index.php?m=admin&c=Tool&a=l…
CVE-2024-6252 — CVSS 2.4 (low): A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic. Affected by this vulnerability is an unknown…