CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

RedhatCVE•added 2025/05/22 6:39 p.m.•5 views

CVE-2021-36425

Directory traversal vulnerability in phpcms 1.9.25 allows remote attackers to delete arbitrary files via unfiltered $file parameter to unlink method in include/incact/actftptakeover.php file...

5.4CVSS7.1AI score0.01452EPSS

Exploits1

RedhatCVE•added 2025/05/22 7:40 a.m.•5 views

CVE-2019-10027

PHPCMS 9.6.x through 9.6.3 has XSS via the mailbox aka E-mail field on the personal information screen...

4.8CVSS5.7AI score0.00235EPSS

Exploits1References1

Positive Technologies•added 2023/02/03 12:0 a.m.•1 views

PT-2023-12268 · Phpcms · Phpcms

Name of the Vulnerable Software and Affected Versions: phpcms version 1.9.25 Description: The issue allows remote attackers to delete arbitrary files due to a directory traversal vulnerability. This is achieved by exploiting an unfiltered file parameter in the unlink method within the include/inc...

5.4CVSS5.4AI score0.01452EPSS

Exploits1References4

NVD•added 2018/07/19 5:29 a.m.•10 views

CVE-2018-14399

libs\classes\attachment.class.php in PHPCMS 9.6.0 allows remote attackers to upload and execute arbitrary PHP code via a .txt?.php.jpg URI in the SRC attribute of an IMG element within infocontent JSON data to the index.php?m=member&c=index&a=register URI...

9.8CVSS9.7AI score0.00724EPSS

Exploits0References1

CNVD•added 2017/10/17 12:0 a.m.•1 views

Code Execution Vulnerability in PHPCMS v9.6.3

PHPCMS is a web content management system based on PHP and Mysql architecture. A code execution vulnerability exists in the backend of phpcms version v9.6.3, which can be exploited by attackers to gain server privileges...

7.8AI score

Exploits0

CNVD•added 2017/04/21 12:0 a.m.•1 views

PHPCMS V9 Full Version Has Reflective XSS Vulnerability

PHPCMS is a web content management system based on PHP and Mysql architecture. PHPCMS V9 full version of the existence of reflective XSS vulnerability, an attacker can use this vulnerability to web form to insert XSS execution code, pop-up box operation, access to user cookies and other sensitive...

6.4AI score

Exploits0

CNVD•added 2016/09/21 12:0 a.m.•1 views

PHPCMS V9 Trojan Bypass Configuration Vulnerability

PHPCMS is a web content management system based on PHP and Mysql architecture. The system includes modules such as news, pictures, downloads, information and products. PHPCMS V9 Trojan horse checking at the existence of bypass configuration vulnerability, allowing attackers to exploit the...

6.6AI score

Exploits0

CNVD•added 2016/09/21 12:0 a.m.•1 views

PHPCMS V9 badword.php file SQL injection vulnerability

PHPCMS is a web content management system based on PHP and Mysql architecture. The system includes modules such as news, pictures, downloads, information and products. A SQL injection vulnerability exists in the PHPCMS V9 badword.php file, which allows attackers to exploit the vulnerability to...

7.7AI score

Exploits0