Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Tpcms Security Vulnerabilities

cve
cve

CVE-2021-36544

Incorrect Access Control issue discovered in tpcms 3.2 allows remote attackers to view sensitive information via path in application URL.

7.5CVSS

7.3AI Score

0.002EPSS

2023-02-03 06:15 PM
16
cve
cve

CVE-2021-36545

Cross Site Scripting (XSS) vulnerability in tpcms 3.2 allows remote attackers to run arbitrary code via the cfg_copyright or cfg_tel field in Site Configuration page.

5.4CVSS

5.4AI Score

0.001EPSS

2023-02-03 06:15 PM
16
cve
cve

CVE-2022-27441

A stored cross-site scripting (XSS) vulnerability in TPCMS v3.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Phone text box.

4.8CVSS

4.9AI Score

0.001EPSS

2022-04-04 09:15 PM
46
cve
cve

CVE-2022-27442

TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information such as the administrator's user name and password.

7.5CVSS

7.3AI Score

0.002EPSS

2022-04-04 09:15 PM
52
cve
cve

CVE-2022-29624

An arbitrary file upload vulnerability in the Add File function of TPCMS v3.2 allows attackers to execute arbitrary code via a crafted PHP file.

8.8CVSS

8.8AI Score

0.001EPSS

2022-06-02 02:15 PM
31
6