
CVE-2012-10054 – Umbraco CMS < 4.7.1 codeEditorSave.asmx RCE
https://notcve.org/view.php?id=CVE-2012-10054
13 Aug 2025 — Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via the codeEditorSave.asmx SOAP endpoint, which exposes a SaveDLRScript operation that permits arbitrary file uploads without authentication. By exploiting a path traversal flaw in the fileName parameter, attackers can write malicious ASPX scripts directly into the web-accessible /umbraco/ directory and execute them remotely.
Reference: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/umbraco_upload_aspx.rb
Weaknesses: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'); CWE-434: Unrestricted Upload of File with Dangerous Type

CVE-2025-34086 – Bolt CMS Authenticated Remote Code Execution via Profile Injection and File Rename
https://notcve.org/view.php?id=CVE-2025-34086
03 Jul 2025 — Bolt CMS versions 3.7.0 and earlier contain a chain of vulnerabilities that together allow an authenticated user to achieve remote code execution. A user with valid credentials can inject arbitrary PHP code into the displayname field of the user profile, which is rendered unsanitized in backend templates. The attacker can then list and rename cached session files via the /async/browse/cache/.sessions and /async/folder/rename endpoints. By renaming a .session file to a path under the publicly accessible /fil...
Reference: https://boltcms.io/newsitem/major-announcements-bolt-3-eol-bolt-4-2-5-0-releases
Weaknesses: CWE-94: Improper Control of Generation of Code ('Code Injection'); CWE-434: Unrestricted Upload of File with Dangerous Type

CVE-2025-34076 – Microweber CMS Authenticated Local File Inclusion via Backup API
https://notcve.org/view.php?id=CVE-2025-34076
02 Jul 2025 — An authenticated local file inclusion vulnerability exists in Microweber CMS versions <= 1.2.11 through misuse of the backup management API. Authenticated users can abuse the /api/BackupV2/upload and /api/BackupV2/download endpoints to read arbitrary files from the underlying filesystem. By specifying an absolute file path in the src parameter of the upload request, the server may relocate or delete the target file depending on the web service user's privileges. The corresponding download endpoint can then ...
Reference: https://github.com/microweber/microweber
Weaknesses: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVE-2025-5435 – Marwal Infotech CMS page.php sql injection
https://notcve.org/view.php?id=CVE-2025-5435
02 Jun 2025 — A vulnerability was found in Marwal Infotech CMS 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /page.php. The manipulation of the argument ID leads to SQL injection. The attack can be initiated remotely.
Reference: https://vuldb.com/?id.310768
Weaknesses: CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'); CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2025-5434 – Aem Solutions CMS page.php sql injection
https://notcve.org/view.php?id=CVE-2025-5434
02 Jun 2025 — A vulnerability was found in Aem Solutions CMS up to 1.0. It has been classified as critical. This affects an unknown part of the file /page.php. The manipulation of the argument ID leads to SQL injection. It is possible to initiate the attack remotely.
Reference: https://github.com/YZS17/CVE/blob/main/SQL/SQLi%20in%20Aem%20Solutions%20CMS%20v1.0.md
Weaknesses: CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'); CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2025-5432 – AssamLook CMS view_tender.php sql injection
https://notcve.org/view.php?id=CVE-2025-5432
02 Jun 2025 — A vulnerability has been found in AssamLook CMS 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /view_tender.php. The manipulation of the argument ID leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Reference: https://github.com/YZS17/CVE/blob/main/SQL/SQLi%20in%20AssamLook%20CMS-v1.0.md
Weaknesses: CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'); CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2025-5431 – AssamLook CMS department-profile.php sql injection
https://notcve.org/view.php?id=CVE-2025-5431
02 Jun 2025 — A vulnerability, which was classified as critical, was found in AssamLook CMS 1.0. Affected is an unknown function of the file /department-profile.php. The manipulation of the argument ID leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Reference: https://github.com/YZS17/CVE/blob/main/SQL/SQLi%20in%20AssamLook%20CMS-v1.0.md
Weaknesses: CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'); CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2025-5430 – AssamLook CMS product.php sql injection
https://notcve.org/view.php?id=CVE-2025-5430
02 Jun 2025 — A vulnerability, which was classified as critical, has been found in AssamLook CMS 1.0. This issue affects some unknown processing of the file /product.php. The manipulation of the argument ID leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Reference: https://github.com/YZS17/CVE/blob/main/SQL/SQLi%20in%20AssamLook%20CMS-v1.0.md
Weaknesses: CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'); CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2025-35939 – Craft CMS External Control of Assumed-Immutable Web Parameter Vulnerability
https://notcve.org/view.php?id=CVE-2025-35939
07 May 2025 — Craft CMS stores arbitrary content provided by unauthenticated users in session files. This content could be accessed and executed, possibly using an independent vulnerability. Craft CMS redirects requests that require authentication to the login page and generates a session file on the server at `/var/lib/php/sessions`. Such session files are named `sess_[session_value]`, where `[session_value]` is provided to the client in a `Set-Cookie` response header. Craft CMS stores the return URL requested by the cl...
Reference: https://github.com/craftcms/cms/pull/17220
Weaknesses: CWE-472: External Control of Assumed-Immutable Web Parameter

CVE-2025-3534 – PowerCreator CMS OpenPublicCourse.aspx sql injection
https://notcve.org/view.php?id=CVE-2025-3534
13 Apr 2025 — A vulnerability, which was classified as critical, was found in PowerCreator CMS 1.0. Affected is an unknown function of the file /OpenPublicCourse.aspx. The manipulation of the argument cid leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Reference: https://github.com/yztale/powercreator/blob/main/README.md
Weaknesses: CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'); CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')