MEDIUM🇵🇱 Wersja polska

CVE-2023-39376

CVSS 6.5v3.1pub. 2023-09-27upd. 2024-11-21

SiberianCMS - CWE-284 Improper Access Control Authorized user may disable a security feature over the network

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
  • Siberiancms

    APP
    Siberiancms
    4.0.0 – 4.20.44 (bez)5.0.0 – 5.0.4 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-41702CRITICAL9.8PL ✓ten sam produkt

SQL Injection w SiberianCMS — krytyczna podatność bazy danych

CVE-2023-39375HIGH7.5ten sam produkt

SiberianCMS - CWE-274: Improper Handling of Insufficient Privileges

CVE-2023-39377HIGH7.2ten sam produkt

SiberianCMS - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative...

CVE-2023-39378HIGH8.8ten sam produkt

SiberianCMS - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') b...

CVE-2025-1105MEDIUM5.3ten sam produkt

A vulnerability was found in SiberianCMS 4.20.6. It has been rated as problematic. Affected by this issue is s...