thedigitalcraft CVE Vulnerabilities & Metrics

Focus on thedigitalcraft vulnerabilities and metrics.

Last updated: 16 Jan 2026, 23:25 UTC

About thedigitalcraft Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with thedigitalcraft. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total thedigitalcraft CVEs: 10
Earliest CVE date: 10 Jul 2014, 16:55 UTC
Latest CVE date: 22 Dec 2025, 22:16 UTC

Latest CVE reference: CVE-2023-53975

Rolling Stats

30-day Count (Rolling): 1
365-day Count (Rolling): 1

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical thedigitalcraft CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 6.45

Max CVSS: 7.5

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	2
4.0-6.9	0
7.0-8.9	9
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS thedigitalcraft CVEs

These are the five CVEs with the highest CVSS scores for thedigitalcraft, sorted by severity first and recency.

CVE-2022-28036 thedigitalcraft Published on 12 Apr 2022, 16:15 UTC (CVSS: 7.5)
AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_navigation.php
CVE-2022-28035 thedigitalcraft Published on 12 Apr 2022, 16:15 UTC (CVSS: 7.5)
Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_blur-save.php
CVE-2022-28034 thedigitalcraft Published on 12 Apr 2022, 16:15 UTC (CVSS: 7.5)
AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMS_admin_ajax_list-sort.php
CVE-2022-28033 thedigitalcraft Published on 12 Apr 2022, 16:15 UTC (CVSS: 7.5)
Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_uploads.php
CVE-2022-28032 thedigitalcraft Published on 12 Apr 2022, 16:15 UTC (CVSS: 7.5)
AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pages.php

All CVEs for thedigitalcraft

CVE-2023-53975 thedigitalcraft vulnerability CVSS: 0 22 Dec 2025, 22:16 UTC

Atom CMS 2.0 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries through unvalidated parameters. Attackers can inject malicious SQL code in the 'id' parameter of the admin index page to execute time-based blind SQL injection attacks.

CVE-2022-28036 thedigitalcraft vulnerability CVSS: 7.5 12 Apr 2022, 16:15 UTC

AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_navigation.php

CVE-2022-28035 thedigitalcraft vulnerability CVSS: 7.5 12 Apr 2022, 16:15 UTC

Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_blur-save.php

CVE-2022-28034 thedigitalcraft vulnerability CVSS: 7.5 12 Apr 2022, 16:15 UTC

AtomCMS 2.0 is vulnerabie to SQL Injection via Atom.CMS_admin_ajax_list-sort.php

CVE-2022-28033 thedigitalcraft vulnerability CVSS: 7.5 12 Apr 2022, 16:15 UTC

Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_uploads.php

CVE-2022-28032 thedigitalcraft vulnerability CVSS: 7.5 12 Apr 2022, 16:15 UTC

AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pages.php

CVE-2022-25489 thedigitalcraft vulnerability CVSS: 3.5 15 Mar 2022, 18:15 UTC

Atom CMS v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the "A" parameter in /widgets/debug.php.

CVE-2022-25488 thedigitalcraft vulnerability CVSS: 7.5 15 Mar 2022, 18:15 UTC

Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php.

CVE-2022-25487 thedigitalcraft vulnerability CVSS: 7.5 15 Mar 2022, 18:15 UTC

Atom CMS v2.0 was discovered to contain a remote code execution (RCE) vulnerability via /admin/uploads.php.

CVE-2022-24223 thedigitalcraft vulnerability CVSS: 7.5 01 Feb 2022, 19:15 UTC

AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php.

CVE-2014-4852 thedigitalcraft vulnerability CVSS: 7.5 10 Jul 2014, 16:55 UTC

SQL injection vulnerability in admin/uploads.php in The Digital Craft AtomCMS, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the id parameter.