Kalyan02 Nanocms vulnerabilities
2 known vulnerabilities affecting kalyan02/nanocms.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2022-50898P2HIGHCVSS 8.8v0.42026-01-13
CVE-2022-50898 [HIGH] CWE-434 CVE-2022-50898: NanoCMS 0.4 contains an authenticated file upload vulnerability that allows remote code execution th
NanoCMS 0.4 contains an authenticated file upload vulnerability that allows remote code execution through unvalidated page content creation. Authenticated attackers can upload PHP files with arbitrary code to the server's pages directory by exploiting the page creation mechanism without proper input sanitization.
nvd
CVE-2026-1978P3HIGHCVSS 7.5≤ 0.4v0.1+3 more2026-02-06
CVE-2026-1978 [HIGH] CWE-425 CVE-2026-1978: A vulnerability was detected in kalyan02 NanoCMS up to 0.4. Affected by this issue is some unknown f
A vulnerability was detected in kalyan02 NanoCMS up to 0.4. Affected by this issue is some unknown functionality of the file /data/pagesdata.txt of the component User Information Handler. Performing a manipulation results in direct request. It is possible to initiate the attack remotely. The exploit is now public and may be used. You should change the c
nvd