opensourcecms CVE Vulnerabilities & Metrics

Focus on opensourcecms vulnerabilities and metrics.

Last updated: 08 Mar 2026, 23:25 UTC

About opensourcecms Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with opensourcecms. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total opensourcecms CVEs: 2
Earliest CVE date: 03 Feb 2026, 18:16 UTC
Latest CVE date: 03 Feb 2026, 18:16 UTC

Latest CVE reference: CVE-2020-37111

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 2

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): -100.0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): -100.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical opensourcecms CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 0.0

Max CVSS: 0

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	2
4.0-6.9	0
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS opensourcecms CVEs

These are the five CVEs with the highest CVSS scores for opensourcecms, sorted by severity first and recency.

CVE-2020-37111 opensourcecms Published on 03 Feb 2026, 18:16 UTC (CVSS: 0)
60CycleCMS 2.5.2 contains a cross-site scripting (XSS) vulnerability in news.php that allows attackers to inject malicious scripts through GET parameters. Attackers can craft malicious URLs with XSS payloads targeting the 'etsu' and 'ltsu' parameters to execute arbitrary scripts in victim's browsers. This issue does not involve SQL injection.
CVE-2020-37110 opensourcecms Published on 03 Feb 2026, 18:16 UTC (CVSS: 0)
60CycleCMS 2.5.2 contains an SQL injection vulnerability in news.php and common/lib.php that allows attackers to manipulate database queries through unvalidated user input. Attackers can exploit vulnerable query parameters like 'title' to inject malicious SQL code and potentially extract or modify database contents. This issue does not involve cross-site scripting.

All CVEs for opensourcecms

CVE-2020-37111 opensourcecms vulnerability CVSS: 0 03 Feb 2026, 18:16 UTC

60CycleCMS 2.5.2 contains a cross-site scripting (XSS) vulnerability in news.php that allows attackers to inject malicious scripts through GET parameters. Attackers can craft malicious URLs with XSS payloads targeting the 'etsu' and 'ltsu' parameters to execute arbitrary scripts in victim's browsers. This issue does not involve SQL injection.

CVE-2020-37110 opensourcecms vulnerability CVSS: 0 03 Feb 2026, 18:16 UTC

60CycleCMS 2.5.2 contains an SQL injection vulnerability in news.php and common/lib.php that allows attackers to manipulate database queries through unvalidated user input. Attackers can exploit vulnerable query parameters like 'title' to inject malicious SQL code and potentially extract or modify database contents. This issue does not involve cross-site scripting.