Comsenz - Duomicms CVE

Filtered by vendor Comsenz Subscribe

Filtered by product Duomicms

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-18084	1 Comsenz	1 Duomicms	2024-02-04	7.5 HIGH	9.8 CRITICAL
An issue was discovered in DuomiCMS 3.0. SQL injection exists in the ajax.php file, as demonstrated by the uid parameter.
CVE-2018-18083	1 Comsenz	1 Duomicms	2024-02-04	7.5 HIGH	9.8 CRITICAL
An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing.

Vulnerabilities (CVE)