Reclu3A

#6308of 53,633
43.1Total CVSS
Vulnerabilities · 5
High
3
Critical
2
PT-2022-11344
9.8
2022-06-23
Laiketui · Laiketui · CVE-2021-40954
**Name of the Vulnerable Software and Affected Versions** Laiketui version 3.5.0 **Description** The issue allows an attacker to upload arbitrary files, potentially enabling the execution of arbitrary code. **Recommendations** For Laiketui version 3.5.0, update to a version that fixes this issue, if available. As a temporary workaround, consider restricting file upload capabilities to minimize the risk of exploitation.
PT-2022-11345
7.2
2022-06-23
Laiketui · Laiketui · CVE-2021-40955
**Name of the Vulnerable Software and Affected Versions** LaiKetui version 3.5.0 **Description** A SQL injection issue exists in the background administrator list, which could potentially allow unauthorized access or data manipulation. **Recommendations** For LaiKetui version 3.5.0, at the moment, there is no information about a newer version that contains a fix for this issue.
PT-2022-11346
7.5
2022-06-23
Laiketui · Laiketui · CVE-2021-40956
**Name of the Vulnerable Software and Affected Versions** LaiKetui version 3.5.0 **Description** The issue concerns a SQL injection in the background of LaiKetui through the menu management function, allowing sensitive data to be obtained. **Recommendations** For LaiKetui version 3.5.0, as a temporary workaround, consider disabling the menu management function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.
PT-2022-11387
8.8
2022-06-16
Unknown · Flatcore-Cms · CVE-2021-41402
**Name of the Vulnerable Software and Affected Versions** flatCore-CMS version 2.0.8 **Description** The issue allows a remote malicious user to execute arbitrary PHP code, which could lead to code execution. **Recommendations** For flatCore-CMS version 2.0.8, at the moment, there is no information about a newer version that contains a fix for this issue.
PT-2022-11388
9.8
2022-06-15
Unknown · Flatcore-Cms · CVE-2021-41403
**Name of the Vulnerable Software and Affected Versions** flatCore-CMS version 2.0.8 **Description** The issue is related to server-side request forgery vulnerabilities caused by the software calling dangerous functions. **Recommendations** For flatCore-CMS version 2.0.8, consider disabling the dangerous functions until a patch is available. Restrict access to the affected modules to minimize the risk of exploitation.