Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-55089 | 1 Rhymix | 1 Rhymix | 2025-06-24 | N/A | 9.1 CRITICAL |
| Rhymix 2.1.19 is vulnerable to Server-Side Request Forgery (SSRF) in the background import data function. | |||||
| CVE-2025-45242 | 1 Rhymix | 1 Rhymix | 2025-06-17 | N/A | 7.7 HIGH |
| Rhymix v2.1.22 was discovered to contain an arbitrary file deletion vulnerability via the procFileAdminEditImage method in /file/file.admin.controller.php. | |||||
| CVE-2018-19601 | 1 Rhymix | 1 Rhymix | 2024-11-21 | 6.5 MEDIUM | 9.1 CRITICAL |
| Rhymix CMS 1.9.8.1 allows SSRF via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload. | |||||
| CVE-2018-19600 | 1 Rhymix | 1 Rhymix | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Rhymix CMS 1.9.8.1 allows XSS via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload. | |||||