Search Results (4 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2019-25303 2 Cusg, Thejshen 2 Content Management System, Contentmanagementsystem 2026-07-15 7.1 High
TheJshen ContentManagementSystem 1.04 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to extract or manipulate database information by crafting malicious query payloads.
CVE-2023-48986 1 Cusg 1 Content Management System 2025-03-20 6.1 Medium
Cross Site Scripting (XSS) vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the users.php component.
CVE-2023-48985 1 Cusg 1 Content Management System 2025-03-19 6.1 Medium
Cross Site Scripting (XSS) vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the login.php component.
CVE-2023-48987 1 Cusg 1 Content Management System 2024-11-21 7.5 High
Blind SQL Injection vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the pages.php component.