vendor:
CruxCMS
by:
7.5
CVSS
HIGH
Input-Validation
CWE
Product Name: CruxCMS
Affected Version From: CruxCMS 3.0.0
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE: a:cruxcms:cruxcms:3.0.0
Platforms Tested:
Multiple Input-Validation Vulnerabilities in CruxCMS
Multiple input-validation vulnerabilities, including security-bypass, arbitrary-file-upload, SQL-injection, local file-include, cross-site-scripting, and information-disclosure issues, allow unauthorized access, execution of scripts, data modification, stealing authentication credentials, and other attacks.
Mitigation:
Properly sanitize user-supplied input to prevent vulnerabilities.