Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Thedigitalcraft Subscribe
Total 11 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-53975 1 Thedigitalcraft 1 Atomcms 2026-01-02 N/A 8.2 HIGH
Atom CMS 2.0 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries through unvalidated parameters. Attackers can inject malicious SQL code in the 'id' parameter of the admin index page to execute time-based blind SQL injection attacks.
CVE-2014-4852 1 Thedigitalcraft 1 Atomcms 2025-04-12 7.5 HIGH N/A
SQL injection vulnerability in admin/uploads.php in The Digital Craft AtomCMS, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2022-28036 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_navigation.php
CVE-2022-28035 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_blur-save.php
CVE-2022-28034 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMS_admin_ajax_list-sort.php
CVE-2022-28033 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_uploads.php
CVE-2022-28032 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pages.php
CVE-2022-25489 1 Thedigitalcraft 1 Atomcms 2024-11-21 3.5 LOW 5.4 MEDIUM
Atom CMS v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the "A" parameter in /widgets/debug.php.
CVE-2022-25488 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php.
CVE-2022-25487 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
Atom CMS v2.0 was discovered to contain a remote code execution (RCE) vulnerability via /admin/uploads.php.
CVE-2022-24223 1 Thedigitalcraft 1 Atomcms 2024-11-21 7.5 HIGH 9.8 CRITICAL
AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php.