Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-28096 | 1 Skycaiji | 1 Skycaiji | 2023-08-08 | 6.5 MEDIUM | 7.2 HIGH |
| Skycaiji v2.4 was discovered to contain a remote code execution (RCE) vulnerability via /SkycaijiApp/admin/controller/Develop.php. | |||||
| CVE-2023-33394 | 1 Skycaiji | 1 Skycaiji | 2023-06-02 | N/A | 5.4 MEDIUM |
| skycaiji v2.5.4 is vulnerable to Cross Site Scripting (XSS). Attackers can achieve backend XSS by deploying malicious JSON data. | |||||
| CVE-2022-44351 | 1 Skycaiji | 1 Skycaiji | 2022-12-10 | N/A | 9.8 CRITICAL |
| Skycaiji v2.5.1 was discovered to contain a deserialization vulnerability via /SkycaijiApp/admin/controller/Mystore.php. | |||||
| CVE-2020-18878 | 1 Skycaiji | 1 Skycaiji | 2021-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Directory Traversal in Skycaiji v1.3 allows remote attackers to obtain sensitive information via the component 'index.php?m=admin&c=Tool&a=log&file=D%3A%5CphpStudy%5CWWW%5Cindex.php'. | |||||
| CVE-2018-11371 | 1 Skycaiji | 1 Skycaiji | 2018-07-02 | 6.8 MEDIUM | 8.8 HIGH |
| SkyCaiji 1.2 allows CSRF to add an Administrator user. | |||||