vendor:
Acidcat CMS
by:
AmnPardaz Security Research Team
N/A
CVSS
HIGH
SQL Injection, logical vulnerability, XSS, file upload vulnerability
CWE
Product Name: Acidcat CMS
Affected Version From: 3.4.2001
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
Acidcat CMS Multiple Vulnerabilities
There are multiple vulnerabilities in Acidcat CMS including SQL Injection, logical vulnerability, XSS, and file upload vulnerability. These vulnerabilities can allow an attacker to gain usernames and encrypted passwords, send emails without permission, login to the site, execute XSS attacks, and upload files.