All 9 CVE vulnerabilities found in PAD CMS, with AI-generated Chinese analysis, references, and POCs.
Vendor: Polska Akademia Dostępności
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-8122 | Blind SQL Injection in PAD CMS CWE-89 | 8.8AI | HighAI | 2025-09-30 |
| CVE-2025-8121 | Blind SQL Injection in PAD CMS CWE-89 | 8.8AI | HighAI | 2025-09-30 |
| CVE-2025-8120 | Remote Code Execution via Unrestricted File Upload in PAD CMS CWE-434 | 9.8AI | CriticalAI | 2025-09-30 |
| CVE-2025-8119 | Cross-Site Request Forgery in PAD CMS CWE-352 | 6.5AI | MediumAI | 2025-09-30 |
| CVE-2025-8118 | Bruteforce Protection Bypass in PAD CMS CWE-307 | 9.8AI | CriticalAI | 2025-09-30 |
| CVE-2025-8117 | Account Takeover via Reset Password Functionality in PAD CMS CWE-909 | 9.1AI | CriticalAI | 2025-09-30 |
| CVE-2025-8116 | Reflected XSS in PAD CMS CWE-79 | 6.1AI | MediumAI | 2025-09-30 |
| CVE-2025-7065 | Remote Code Execution via Unrestricted File Upload in PAD CMS CWE-434 | 9.8AI | CriticalAI | 2025-09-30 |
| CVE-2025-7063 | Remote Code Execution via Unrestricted File Upload in PAD CMS CWE-434 | 9.8AI | CriticalAI | 2025-09-30 |
All 9 known CVE vulnerabilities affecting PAD CMS with full Chinese analysis, references, and POCs where available.