ESPCMS Security Vulnerabilities
An issue was discovered in espcms version P8.18101601. There is a cross site scripting (XSS) vulnerability that allows arbitrary code to be executed via the title...
4.8CVSS
6.4AI Score
0.0004EPSS
An issue was discovered in ESPCMS P8.21120101 after logging in to the background, there is a SQL injection vulnerability in the function node where members are...
7.2CVSS
7.2AI Score
0.001EPSS
A vulnerability, which was classified as problematic, was found in earclink ESPCMS P8.21120101. Affected is an unknown function of the component Content Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the...
5.4CVSS
5.3AI Score
0.001EPSS
ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component...
9.8CVSS
9.8AI Score
0.006EPSS
ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component...
9.8CVSS
9.8AI Score
0.006EPSS
ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component...
9.8CVSS
9.8AI Score
0.006EPSS
ESPCMS P8 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the fetch_filename function at...
7.2CVSS
7.3AI Score
0.003EPSS
6.1CVSS
6.1AI Score
0.001EPSS
EARCLINK ESPCMS-P8 was discovered to contain a SQL injection vulnerability in the espcms_web/Search.php component via the attr_array parameter. This vulnerability allows attackers to access sensitive database...
7.5CVSS
8.5AI Score
0.002EPSS
EARCLINK ESPCMS-P8 has SQL injection in the install_pack/index.php?ac=Member&at=verifyAccount verify_key parameter. install_pack/espcms_public/espcms_db.php may allow retrieving sensitive information from the ESPCMS...
7.5CVSS
8.1AI Score
0.002EPSS