CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2021-35437
https://notcve.org/view.php?id=CVE-2021-35437
16 Nov 2023 — SQL injection vulnerability in LMXCMS v.1.4 allows attacker to execute arbitrary code via the TagsAction.class. Vulnerabilidad de inyección SQL en LMXCMS v.1.4 permite a un atacante ejecutar código arbitrario a través de TagsAction.class. • https://github.com/GHA193/Vulns/blob/main/lmxcms%20injection.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5017 – lmxcms admin.php sql injection
https://notcve.org/view.php?id=CVE-2023-5017
17 Sep 2023 — A vulnerability was found in lmxcms up to 1.41. It has been rated as critical. Affected by this issue is some unknown functionality of the file admin.php. The manipulation of the argument lid leads to sql injection. VDB-239858 is the identifier assigned to this vulnerability. • https://vuldb.com/?ctiid.239858 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •