📦 Cscms

CVE-2020-28102 is a critical SQL injection vulnerability in cscms v4.1 that allows attackers to execute arbitrary SQL commands via the 'js_del' function. This affects all deployments running cscms v4....

This is a critical remote code execution vulnerability in the Playsong.php component of cscms v4.1 that allows attackers to execute arbitrary commands on affected systems. Any organization running the...

CVE-2022-27366 is a blind SQL injection vulnerability in Cscms Music Portal System v4.2 that allows attackers to execute arbitrary SQL commands via the dance_Dance.php_hy component. This affects all u...

CVE-2022-27368 is a SQL injection vulnerability in Cscms Music Portal System v4.2 that allows attackers to execute arbitrary SQL commands via the dance_Lists.php_zhuan component. This affects all inst...