118 matches found
CVE-2025-46359
A path traversal issue exists in backup and restore feature of multiple versions of PowerCMS. A product administrator may execute arbitrary code by restoring a crafted backup file...
CVE-2025-46359
A path traversal issue exists in backup and restore feature of multiple versions of PowerCMS. A product administrator may execute arbitrary code by restoring a crafted backup file...
CVE-2025-46359
CVE-2025-46359 : A path traversal flaw in the backup/restore feature of multiple PowerCMS versions allows an administrator to execute arbitrary code by restoring a crafted backup file. The vulnerability affects the backup/restore component (no version numbers specified in sources). Remediation is...
CVE-2025-54752
CVE-2025-54752 affects PowerCMS; vulnerable component is the handling of CSV files where malformed entries can cause embedded code execution when opened by a victim. Root cause cited: improper neutralization of formula elements in a CSV file. Impact described as code execution with user interacti...
CVE-2025-54752
Multiple versions of PowerCMS improperly neutralize formula elements in a CSV file. If a product user creates a malformed entry and a victim user downloads it as a CSV file and opens it in the user's environment, the embedded code may be executed...
CVE-2025-54752
Multiple versions of PowerCMS improperly neutralize formula elements in a CSV file. If a product user creates a malformed entry and a victim user downloads it as a CSV file and opens it in the user's environment, the embedded code may be executed...
CVE-2025-54757
CVE-2025-54757 affects PowerCMS. Unrestricted upload of files allows a product user-uploaded file to contain dangerous content, potentially enabling an arbitrary script when an administrator opens the malicious file in the browser. The root issue is unsafe handling of file uploads that can be man...
CVE-2025-54757
Multiple versions of PowerCMS allow unrestricted upload of dangerous files. If a product administrator accesses a malicious file uploaded by a product user, an arbitrary script may be executed on the browser...
CVE-2025-54757
Multiple versions of PowerCMS allow unrestricted upload of dangerous files. If a product administrator accesses a malicious file uploaded by a product user, an arbitrary script may be executed on the browser...
PT-2025-31483 · Powercms · Powercms
Name of the Vulnerable Software and Affected Versions: PowerCMS affected versions not specified Description: A reflected cross-site scripting issue exists in multiple versions of PowerCMS. If a product administrator accesses a crafted URL, an arbitrary script may be executed in the browser...
PT-2025-31485 · Powercms · Powercms
Name of the Vulnerable Software and Affected Versions: PowerCMS affected versions not specified Description: A path traversal issue exists in the file uploading feature of PowerCMS. A product user could overwrite arbitrary files. Recommendations: At the moment, there is no information about a new...
PT-2025-31484 · Powercms · Powercms
Name of the Vulnerable Software and Affected Versions: PowerCMS affected versions not specified Description: A stored cross-site scripting issue exists in PowerCMS. Accessing a malicious page could allow for the execution of arbitrary scripts in the user's browser. Recommendations: At the moment,...
Alfasado PowerCMS 跨站脚本漏洞
Alfasado PowerCMS is a content management system CMS from Alfasado Japan. A cross-site scripting vulnerability exists in Alfasado PowerCMS that originates from stored cross-site scripting and could lead to the execution of arbitrary script...
PT-2025-31487 · Powercms · Powercms
Name of the Vulnerable Software and Affected Versions: PowerCMS affected versions not specified Description: Multiple versions of PowerCMS improperly neutralize formula elements within a CSV file. A malicious user can create a crafted CSV entry. If a victim user downloads and opens this file in...
PT-2025-31486 · Powercms · Powercms
Name of the Vulnerable Software and Affected Versions: PowerCMS affected versions not specified Description: A path traversal issue exists in the backup and restore feature of PowerCMS. A product administrator may execute arbitrary code by restoring a crafted backup file. Recommendations: At the...
Alfasado PowerCMS 路径遍历漏洞
Alfasado PowerCMS is a content management system CMS from Alfasado Japan. A path traversal vulnerability exists in Alfasado PowerCMS that stems from a path traversal in the backup and restore functionality that could lead to the execution of arbitrary code...
Alfasado PowerCMS 安全漏洞
Alfasado PowerCMS is a content management system CMS from Alfasado Japan. A security vulnerability exists in Alfasado PowerCMS that stems from improper handling of CSV files, which could lead to the execution of embedded code...
PT-2025-31481 · Powercms · Powercms
Name of the Vulnerable Software and Affected Versions: PowerCMS affected versions not specified Description: Multiple versions of PowerCMS allow unrestricted upload of dangerous files. If a product administrator accesses a malicious file uploaded by a user, an arbitrary script may be executed in...
Alfasado PowerCMS 代码问题漏洞
Alfasado PowerCMS is a content management system CMS from Alfasado Japan. A code issue vulnerability exists in Alfasado PowerCMS that stems from an insufficient file upload limit and could lead to the execution of arbitrary script...
Alfasado PowerCMS 路径遍历漏洞
Alfasado PowerCMS is a content management system CMS from Alfasado Japan. A path traversal vulnerability exists in Alfasado PowerCMS, which stems from a path traversal in the file upload function that could lead to overwriting arbitrary files...