cmseasy

Top products

The 15 most recently published vulnerabilities affecting cmseasy.

• CVE-2025-15148CmsEasy Backend Template Management template_admin.php savetemp_action code injection4.7Dec 28, 2025
• CVE-2025-11332CmsEasy URL view.php cross site scripting3.5Oct 6, 2025
• CVE-2025-55910CMSEasy v7.7.8.0 and before is vulnerable to Arbitrary file deletion in database_admin.php.6.3Sep 19, 2025
• CVE-2025-1336CmsEasy image_admin.php deleteimg_action path traversal4.3Feb 16, 2025
• CVE-2025-1335CmsEasy file_admin.php deleteimg_action path traversal4.3Feb 16, 2025
• CVE-2025-1106CmsEasy database_admin.php restore_action path traversal5.4Feb 7, 2025
• CVE-2025-0973CmsEasy index.php backAll_action path traversal5.4Feb 3, 2025
• CVE-2024-34315CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the file_get_contents function in the fckedit_action method of /admin/template_admin.php. This vulnerability allow...7.5May 7, 2024
• CVE-2024-34314CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the file_get_contents function in the fetch_action method of /admin/template_admin.php. This vulnerability allows ...4.9May 7, 2024
• CVE-2024-31551Directory Traversal vulnerability in lib/admin/image.admin.php in cmseasy v7.7.7.9 20240105 allows attackers to delete arbitrary files via crafted GET request.7.5Apr 26, 2024
• CVE-2024-32236An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via the update function in the index.php component.3.5Apr 25, 2024
• CVE-2024-32163CMSeasy 7.7.7.9 is vulnerable to code execution.6.4Apr 17, 2024
• CVE-2024-32162CMSeasy 7.7.7.9 is vulnerable to Arbitrary file deletion.4.3Apr 17, 2024
• CVE-2024-25828cmseasy V7.7.7.9 has an arbitrary file deletion vulnerability in lib/admin/template_admin.php.4.9Feb 22, 2024
• CVE-2024-0523CmsEasy language_admin.php getslide_child_action sql injection6.3Jan 14, 2024