Lucene search
K

118 matches found

Vulnrichment
Vulnrichment
added 2025/07/31 7:22 a.m.3 views

CVE-2025-46359

A path traversal issue exists in backup and restore feature of multiple versions of PowerCMS. A product administrator may execute arbitrary code by restoring a crafted backup file...

8.6CVSS7.9AI score0.0054EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/31 7:22 a.m.7 views

CVE-2025-46359

A path traversal issue exists in backup and restore feature of multiple versions of PowerCMS. A product administrator may execute arbitrary code by restoring a crafted backup file...

8.6CVSS0.0054EPSS
Exploits0References2
CVE
CVE
added 2025/07/31 7:22 a.m.22 views

CVE-2025-46359

CVE-2025-46359 : A path traversal flaw in the backup/restore feature of multiple PowerCMS versions allows an administrator to execute arbitrary code by restoring a crafted backup file. The vulnerability affects the backup/restore component (no version numbers specified in sources). Remediation is...

8.6CVSS7.4AI score0.0054EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/07/31 7:21 a.m.15 views

CVE-2025-54752

CVE-2025-54752 affects PowerCMS; vulnerable component is the handling of CSV files where malformed entries can cause embedded code execution when opened by a victim. Root cause cited: improper neutralization of formula elements in a CSV file. Impact described as code execution with user interacti...

8CVSS6.7AI score0.00224EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/31 7:21 a.m.5 views

CVE-2025-54752

Multiple versions of PowerCMS improperly neutralize formula elements in a CSV file. If a product user creates a malformed entry and a victim user downloads it as a CSV file and opens it in the user's environment, the embedded code may be executed...

6.5CVSS7.3AI score0.00224EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/31 7:21 a.m.11 views

CVE-2025-54752

Multiple versions of PowerCMS improperly neutralize formula elements in a CSV file. If a product user creates a malformed entry and a victim user downloads it as a CSV file and opens it in the user's environment, the embedded code may be executed...

6.5CVSS0.00224EPSS
Exploits0References2
CVE
CVE
added 2025/07/31 7:20 a.m.19 views

CVE-2025-54757

CVE-2025-54757 affects PowerCMS. Unrestricted upload of files allows a product user-uploaded file to contain dangerous content, potentially enabling an arbitrary script when an administrator opens the malicious file in the browser. The root issue is unsafe handling of file uploads that can be man...

8CVSS6.8AI score0.00203EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/07/31 7:20 a.m.11 views

CVE-2025-54757

Multiple versions of PowerCMS allow unrestricted upload of dangerous files. If a product administrator accesses a malicious file uploaded by a product user, an arbitrary script may be executed on the browser...

6.5CVSS0.00203EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/31 7:20 a.m.6 views

CVE-2025-54757

Multiple versions of PowerCMS allow unrestricted upload of dangerous files. If a product administrator accesses a malicious file uploaded by a product user, an arbitrary script may be executed on the browser...

6.5CVSS6.6AI score0.00203EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.5 views

PT-2025-31483 · Powercms · Powercms

Name of the Vulnerable Software and Affected Versions: PowerCMS affected versions not specified Description: A reflected cross-site scripting issue exists in multiple versions of PowerCMS. If a product administrator accesses a crafted URL, an arbitrary script may be executed in the browser...

6.1CVSS5.8AI score0.00182EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.6 views

PT-2025-31485 · Powercms · Powercms

Name of the Vulnerable Software and Affected Versions: PowerCMS affected versions not specified Description: A path traversal issue exists in the file uploading feature of PowerCMS. A product user could overwrite arbitrary files. Recommendations: At the moment, there is no information about a new...

6.5CVSS6.4AI score0.00346EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.5 views

PT-2025-31484 · Powercms · Powercms

Name of the Vulnerable Software and Affected Versions: PowerCMS affected versions not specified Description: A stored cross-site scripting issue exists in PowerCMS. Accessing a malicious page could allow for the execution of arbitrary scripts in the user's browser. Recommendations: At the moment,...

5.4CVSS5.9AI score0.00167EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/07/31 12:0 a.m.1 views

Alfasado PowerCMS 跨站脚本漏洞

Alfasado PowerCMS is a content management system CMS from Alfasado Japan. A cross-site scripting vulnerability exists in Alfasado PowerCMS that originates from stored cross-site scripting and could lead to the execution of arbitrary script...

5.4CVSS6.7AI score0.00167EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.6 views

PT-2025-31487 · Powercms · Powercms

Name of the Vulnerable Software and Affected Versions: PowerCMS affected versions not specified Description: Multiple versions of PowerCMS improperly neutralize formula elements within a CSV file. A malicious user can create a crafted CSV entry. If a victim user downloads and opens this file in...

8CVSS6.3AI score0.00224EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.4 views

PT-2025-31486 · Powercms · Powercms

Name of the Vulnerable Software and Affected Versions: PowerCMS affected versions not specified Description: A path traversal issue exists in the backup and restore feature of PowerCMS. A product administrator may execute arbitrary code by restoring a crafted backup file. Recommendations: At the...

8.6CVSS7.1AI score0.0054EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/07/31 12:0 a.m.3 views

Alfasado PowerCMS 路径遍历漏洞

Alfasado PowerCMS is a content management system CMS from Alfasado Japan. A path traversal vulnerability exists in Alfasado PowerCMS that stems from a path traversal in the backup and restore functionality that could lead to the execution of arbitrary code...

8.6CVSS7.1AI score0.0054EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/31 12:0 a.m.4 views

Alfasado PowerCMS 安全漏洞

Alfasado PowerCMS is a content management system CMS from Alfasado Japan. A security vulnerability exists in Alfasado PowerCMS that stems from improper handling of CSV files, which could lead to the execution of embedded code...

8CVSS7AI score0.00224EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.7 views

PT-2025-31481 · Powercms · Powercms

Name of the Vulnerable Software and Affected Versions: PowerCMS affected versions not specified Description: Multiple versions of PowerCMS allow unrestricted upload of dangerous files. If a product administrator accesses a malicious file uploaded by a user, an arbitrary script may be executed in...

8CVSS6.4AI score0.00203EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/07/31 12:0 a.m.5 views

Alfasado PowerCMS 代码问题漏洞

Alfasado PowerCMS is a content management system CMS from Alfasado Japan. A code issue vulnerability exists in Alfasado PowerCMS that stems from an insufficient file upload limit and could lead to the execution of arbitrary script...

8CVSS7.2AI score0.00203EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/31 12:0 a.m.3 views

Alfasado PowerCMS 路径遍历漏洞

Alfasado PowerCMS is a content management system CMS from Alfasado Japan. A path traversal vulnerability exists in Alfasado PowerCMS, which stems from a path traversal in the file upload function that could lead to overwriting arbitrary files...

6.5CVSS7.1AI score0.00346EPSS
Exploits0References2
Rows per page
Query Builder