Filtered by vendor Skyss
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45265 | 1 Skyss | 1 Arfa-cms | 2024-09-05 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in the poll component in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to execute arbitrary SQL commands via the psid parameter. | |||||
| CVE-2024-45264 | 1 Skyss | 1 Arfa-cms | 2024-08-30 | N/A | 8.8 HIGH |
| A cross-site request forgery (CSRF) vulnerability in the admin panel in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to add a new administrator, leading to escalation of privileges. | |||||