nukeviet/nukeviet Security Advisories for 4.0.24 (6)
-
[MEDIUM] NukeView CMS vulnerable to Cross-site Scripting
PKSA-5mzr-m6h8-h2rv CVE-2022-3975 GHSA-x45f-j34v-75xm
Affected version: <4.5
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting in NukeViet CMS
PKSA-psph-r4j9-yzz8 CVE-2022-30874 GHSA-pm37-5j5m-6cvw
Affected version: <4.5.02
Reported by:
GitHub -
[CRITICAL] NukeViet SQL Injection vulnerability via topicsid parameter
PKSA-xs5f-vwmg-j124 CVE-2020-21808 GHSA-84gf-rw24-pfqg
Affected version: >=4.0.10,<4.3.08
Reported by:
GitHub -
[CRITICAL] NukeViet SQL Injection vulnerability
PKSA-2rnz-cg96-x3qg CVE-2020-21809 GHSA-m8jx-mxf9-2rpw
Affected version: =4.3|>=4.2,<4.2.01|>=4.1,<4.1.02|>=4.0,<4.0.29
Reported by:
GitHub -
[CRITICAL] Deserialization of Untrusted Data in NukeViet
PKSA-s8s2-w8kz-1q2x CVE-2019-7725 GHSA-32wr-8wxm-852c
Affected version: <4.3.04
Reported by:
GitHub -
[CRITICAL] SQL Injection in NukeViet
PKSA-4y42-f172-jt38 CVE-2019-7726 GHSA-q4qv-fmwc-qxpx
Affected version: <4.3.04
Reported by:
GitHub