Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

premio — Vulnerabilities & Security Advisories 22

Browse all 22 CVE security advisories affecting premio. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Premio operates as a digital signage and content management platform, enabling enterprises to manage multimedia displays across distributed locations. Security audits have identified twenty-two Common Vulnerabilities and Exposures (CVEs) associated with the software, highlighting significant historical weaknesses in its architecture. The most prevalent vulnerability classes include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and Privilege Escalation flaws, often stemming from insufficient input validation and improper access controls within its web interface and API endpoints. These defects have allowed attackers to execute arbitrary commands, steal session cookies, or bypass authentication mechanisms, potentially leading to full system compromise. While specific major public incidents remain largely undocumented in open sources, the high volume of CVEs suggests a pattern of recurring security lapses in update cycles. Organizations utilizing this platform must prioritize patching and network segmentation to mitigate the risk of exploitation inherent in its legacy codebase.

Found 6 results / 22Clear Filters
Top products by premio: Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager Chaty My Sticky Bar – Floating Notification Bar & Sticky Header (formerly myStickymenu) Stars Testimonials — Responsive Reviews & Star Ratings My Sticky Elements Coupon X – Discount Popups & Promo Codes Pop Ups for WooCommerce Chaty (WordPress plugin) Folders Pro Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty Stars Testimonials All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs – My Sticky Elements
CVE IDTitleCVSSSeverityPublished
CVE-2025-12640 Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager <= 3.1.5 - Missing Authorization to Authenticated (Author+) Media Replacement — Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File ManagerCWE-862 4.3 Medium2026-01-08
CVE-2025-12971 Folders <= 3.1.5 - Incorrect Authorization to Authenticated (Contributor+) Folder Content Manipulation — Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File ManagerCWE-863 4.3 Medium2025-11-27
CVE-2024-7317 Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager <= 3.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via SVG File Upload — Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File ManagerCWE-79 6.4 Medium2024-08-06
CVE-2024-2023 Folders <= 3.0 and Folders Pro <= 3.0.2 - Directory Traversal via handle_folders_file_upload — Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File ManagerCWE-22 4.3 Medium2024-06-14
CVE-2024-3868 Folders Pro <= 3.0.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting via User First Name and Last Name — Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File ManagerCWE-79 5.4 Medium2024-05-04
CVE-2023-40204 WordPress Folders Plugin <= 2.9.2 is vulnerable to Arbitrary File Upload — Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File ManagerCWE-434 9.1 Critical2023-12-20

This page lists every published CVE security advisory associated with premio. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.