Every CVE whose affected-product data names Steve228uk Candycms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2024-31022 — CVSS 9.8 (critical): An issue was discovered in CandyCMS version 1.0.0, allows remote attackers to execute arbitrary code via the install.php component.