NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Results Type: Overview
Keyword (text search): cpe:2.3:a:chshcms:cscms:4.2:*:*:*:*:*:*:*
CPE Name Search: true

There are 7 matching records.

Displaying matches 1 through 7.

Vuln ID	Summary	CVSS Severity
CVE-2022-30898	A Cross-site request forgery (CSRF) vulnerability in Cscms music portal system v4.2 allows remote attackers to change the administrator's username and password. Published: June 09, 2022; 3:15:10 PM -0400	V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM
CVE-2022-27369	Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component news_News.php_hy. Published: April 15, 2022; 2:15:10 PM -0400	V4.0:(not available) V3.1: 7.2 HIGH V2.0: 6.5 MEDIUM
CVE-2022-27368	Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Lists.php_zhuan. Published: April 15, 2022; 2:15:10 PM -0400	V4.0:(not available) V3.1: 7.2 HIGH V2.0: 6.5 MEDIUM
CVE-2022-27367	Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Topic.php_del. Published: April 15, 2022; 2:15:10 PM -0400	V4.0:(not available) V3.1: 7.2 HIGH V2.0: 6.5 MEDIUM
CVE-2022-27366	Cscms Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the component dance_Dance.php_hy. Published: April 15, 2022; 2:15:10 PM -0400	V4.0:(not available) V3.1: 7.2 HIGH V2.0: 6.5 MEDIUM
CVE-2022-27365	Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Dance.php_del. Published: April 15, 2022; 2:15:10 PM -0400	V4.0:(not available) V3.1: 7.2 HIGH V2.0: 6.5 MEDIUM
CVE-2022-27090	Cscms Music Portal System v4.2 was discovered to contain a redirection vulnerability via the backurl parameter. Published: March 21, 2022; 6:15:08 PM -0400	V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 4.9 MEDIUM