Packagist/nukeviet/nukeviet — 12 CVEs

CRITICAL9.8CVE-2020-21809NukeViet SQL Injection vulnerability

>= 4.0, < 4.0.29

CRITICAL9.8CVE-2020-21808NukeViet SQL Injection vulnerability via topicsid parameter

>= 4.0.10, < 4.3.08

CRITICAL9.8CVE-2019-7725Deserialization of Untrusted Data in NukeViet

from 0, < 4.3.04

CRITICAL9.8SQL Injection in NukeViet

from 0, < 4.3.04

HIGH8.8nukeviet Deserialization of Untrusted Data vulnerability

from 0, <= 4.5

HIGH8.8NukeViet Cross-Site Request Forgery (CSRF)

HIGH8.7NukeViet CMS: Stored Cross-Site Scripting (XSS) via insufficient server-side input sanitization in Request class

from 0, <= 4.4.01

MEDIUM6.5NukeViet Cross-Site Request Forgery (CSRF)

MEDIUM6.1NukeView CMS vulnerable to Cross-site Scripting

from 0, < 4.5

MEDIUM6.1NukeViet Cross-site Scripting via the editor in the News module

>= 4.4.0, < 4.4.01

MEDIUM5.4Cross-site Scripting in NukeViet CMS

from 0, < 4.5.02

pkg:Packagist/nukeviet/nukeviet