Known Vulnerabilities for products from Ayacms Project

Listed below are 9 of the newest known vulnerabilities associated with the vendor "Ayacms Project".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2022-48116 json	AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/tpl_edit.inc.php...	7.2 - HIGH	2023-01-27	2023-02-04
CVE-2022-47926 json	AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php	9.8 - CRITICAL	2022-12-22	2023-01-05
CVE-2022-46102 json	AyaCMS 3.1.2 is vulnerable to Arbitrary file upload via /aya/module/admin/fst_down.inc.php	9.8 - CRITICAL	2022-12-22	2023-01-05
CVE-2022-46101 json	AyaCMS v3.1.2 was found to have a code flaw in the ust_sql.inc.php file, which allows attackers to cause command execution by...	8.8 - HIGH	2022-12-22	2023-01-05
CVE-2022-45550 json	AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE).	9.8 - CRITICAL	2022-12-07	2023-08-08
CVE-2022-45548 json	AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability.	8.8 - HIGH	2022-12-06	2022-12-07
CVE-2022-43074 json	AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. T...	9.8 - CRITICAL	2022-11-10	2022-11-15
CVE-2021-44238 json	AyaCMS 3.1.2 is vulnerable to Remote Code Execution (RCE) via /aya/module/admin/ust_tab_e.inc.php,	7.2 - HIGH	2022-03-01	2022-03-08
CVE-2020-23686 json	Cross site request forgery (CSRF) vulnerability in AyaCMS 3.1.2 allows attackers to change an administrators password or othe...	8.8 - HIGH	2021-11-02	2021-11-08