classcms · threatengine.sh

CVE-2024-57099

all versions

ClassCMS v4.8 has a code execution vulnerability. Attackers can exploit this vulnerability by constructing a payload in the classv

9.8CRITICAL

CVE-2024-57097

all versions

ClassCMS 4.8 is vulnerable to Cross Site Scripting (XSS) in class/admin/channel.php.

4.8MEDIUM

CVE-2024-12666

<= 4.8

A vulnerability has been found in ClassCMS up to 4.8 and classified as critical. Affected by this vulnerability is an unknown func

4.7MEDIUM

CVE-2024-12503

all versions

A vulnerability classified as problematic was found in ClassCMS 4.8. Affected by this vulnerability is an unknown functionality of

2.4LOW

CVE-2024-48180

<= 4.8

ClassCMS <=4.8 is vulnerable to file inclusion in the nowView method in/class/cms/cms.php, which can include a file uploaded to th

9.8CRITICAL

CVE-2024-8145

all versions

A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by this issue is some unknown funct

2.4LOW

CVE-2024-8144

all versions

A vulnerability classified as problematic was found in ClassCMS 4.8. Affected by this vulnerability is an unknown functionality of

3.5LOW

CVE-2024-6932

all versions

A vulnerability was found in ClassCMS 4.5. It has been declared as problematic. Affected by this vulnerability is an unknown funct

3.5LOW

CVE-2022-45966

all versions

here is an arbitrary file upload vulnerability in the file management function module of Classcms3.5.

9.8CRITICAL

CVE-2022-25582

<= 2.5

A stored cross-site scripting (XSS) vulnerability in the Column module of ClassCMS v2.5 and below allows attackers to execute arbi

5.4MEDIUM

CVE-2022-25581

<= 2.5

Classcms v2.5 and below contains an arbitrary file upload via the component \class\classupload. This vulnerability allows attacker

7.8HIGH