FAIL › dossier
· dossier confidence 60%
ESPCMS is a CMS product with a critical security track record, including three remote code execution vulnerabilities discovered in November 2022.
Critical security vulnerabilities (RCE) were discovered in November 2022, indicating a failure to patch or secure core components against remote exploitation.
| Date | Event | Sev | Flags | Shame | Summary |
|---|---|---|---|---|---|
| 2022-11-10 | CVE-2022-44088 | critical | ⚡RCE | 50 | ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component INPUT_ISDESCRIPTION. |
| 2022-11-10 | CVE-2022-44089 | critical | ⚡RCE | 50 | ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component IS_GETCACHE. |
| 2022-11-10 | CVE-2022-44087 | critical | ⚡RCE | 50 | ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component UPFILE_PIC_ZOOM_HIGHT. |
Open questions: ESPCMS is a product, not a company; no independent corporate profile data available · No founding date, headquarters, or size data available for ESPCMS or its parent company