Skip to main content
Affected Products
Affected Products
Vendor / product matrix with CVE counts sourced from the CPE catalog.
Vendor
Product
in engineercms_project
Min CVSS
Any
Low (0.1+)
Medium (4.0+)
High (7.0+)
Critical (9.0+)
Sort By
Vendor (A–Z)
Most CVEs
Worst Severity
Most KEV
Apply
Clear
Export CSV
Products
1 vendor
Vendor
Products
CVEs
KEV
Avg EPSS
Worst Severity
engineercms_project
1
3
0
29.2%
CRITICAL
← First page
Next page →
Related CVEs
3
Sort
Newest first
Highest EPSS
Highest CVSS
Severity
CVE ID
Description
Severity
CVSS
KEV
EPSS
Published
CVE-2025-44831
EngineerCMS v1.02 through v2.0.5 has a SQL injection vulnerability in the /project/addproject interface.
CRITICAL
9.8
—
27.4%
May 13, 2025
CVE-2025-44830
EngineerCMS v1.02 through v.2.0.5 has a SQL injection vulnerability in the /project/addprojtemplet interface.
CRITICAL
9.8
—
31.0%
May 12, 2025
CVE-2021-36605
engineercms 1.03 is vulnerable to Cross Site Scripting (XSS). There is no escaping in the nickname field on the user list page. When viewing this page, the JavaScript code will be executed in the user's browser.
MEDIUM
5.4
—
—
Jul 30, 2021