Every CVE whose affected-product data names Yeager Yeager Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2015-7567 — CVSS 9.8 (critical): SQL injection vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary SQL commands via the "passwordreset&token"…
CVE-2015-7568 — CVSS 9.8 (critical): SQL injection vulnerability in the password recovery feature in Yeager CMS 1.2.1 allows remote attackers to change the account credentials…
CVE-2015-7569 — CVSS 8.8 (high): SQL injection vulnerability in "yeager/y.php/tab_USERLIST" in Yeager CMS 1.2.1 allows local users to execute arbitrary SQL commands via the…
CVE-2015-7571 — CVSS 7.8 (high): Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary code by uploading a file with an…