Evolution cms
This hub aggregates every CVE we track for Evolution cms, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM4HIGH2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
2024-082026-07
Latest CVEs
The 6 most recently published vulnerabilities affecting Evolution cms.
- CVE-2021-47939Evolution CMS 3.1.6 Authenticated Remote Code Execution via Module Creation8.8
- BDU:2022-00851Уязвимость системы управления контентом Evolution CMS, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю осуществлять межсайтовые сценарные атаки (XSS)8.4
- CVE-2020-23238Cross Site Scripting (XSS) vulnerability in Evolution CMS 2.0.2 via the Document Manager feature.5.4
- CVE-2019-14518Evolution CMS 2.0.x allows XSS via a description and new category location in a template. NOTE: the vendor states that the behavior is consistent with the "access policy in the administration panel.5.4
- CVE-2018-16637Evolution CMS 1.4.x allows XSS via the page weblink title parameter to the manager/ URI.5.4
- CVE-2018-16638Evolution CMS 1.4.x allows XSS via the manager/ search parameter.5.4
Product normalization is registry-driven with AI assist and human review. How it works