371 matches found
CVE-2020-22201
phpCMS 2008 sp4 allowas remote malicious users to execute arbitrary php commands via the pagesize parameter to yp/product.php...
CVE-2020-22200
Directory Traversal vulnerability in phpCMS 9.1.13 via the q parameter to publicgetsuggestkeyword...
CVE-2020-22199
SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the diggmod parameter to diggadd.php...
CVE-2020-22203
SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php...
CVE-2019-10027
PHPCMS 9.6.x through 9.6.3 has XSS via the mailbox aka E-mail field on the personal information screen...
CVE-2025-25960
Cross Site Scripting vulnerability in phpcmsv9 v.9.6.3 allows a remote attacker to escalate privileges via the menu interface of the member center of the background administrator...
PHPCMS 安全漏洞
PHPCMS is a web content management system based on PHP and Mysql architecture by Abel Personal Developer. The system includes modules for news, images, downloads, information, products and more. A security vulnerability exists in PHPCMS version v.9.6.3, which stems from the inclusion of a...
CVE-2025-25958
Cross Site Scripting vulnerabilities in phpcmsv9 v.9.6.3 allows a remote attacker to escalate privileges via a crafted script...
CVE-2021-36425
Directory traversal vulnerability in phpcms 1.9.25 allows remote attackers to delete arbitrary files via unfiltered $file parameter to unlink method in include/incact/actftptakeover.php file...
CVE-2021-36425
Directory traversal vulnerability in phpcms 1.9.25 allows remote attackers to delete arbitrary files via unfiltered $file parameter to unlink method in include/incact/actftptakeover.php file...
Directory traversal
Directory traversal vulnerability in phpcms 1.9.25 allows remote attackers to delete arbitrary files via unfiltered $file parameter to unlink method in include/incact/actftptakeover.php file...
CVE-2021-36425
Directory traversal vulnerability in phpcms 1.9.25 allows remote attackers to delete arbitrary files via unfiltered $file parameter to unlink method in include/incact/actftptakeover.php file...
CVE-2021-36425
CVE-2021-36425 affects phpcms 1.9.25 and related entries describe a directory traversal vulnerability. An attacker can delete arbitrary files by supplying an unfiltered file parameter to the unlink call in the file path include/inc_act/act_ftptakeover.php. The connected documents confirm the vuln...
CVE-2021-36425
Directory traversal vulnerability in phpcms 1.9.25 allows remote attackers to delete arbitrary files via unfiltered $file parameter to unlink method in include/incact/actftptakeover.php file...
PT-2023-12268 · Phpcms · Phpcms
Name of the Vulnerable Software and Affected Versions: phpcms version 1.9.25 Description: The issue allows remote attackers to delete arbitrary files due to a directory traversal vulnerability. This is achieved by exploiting an unfiltered file parameter in the unlink method within the include/inc...
CVE-2021-40910
There is a reflective cross-site scripting XSS vulnerability in the PHPCMS V9.6.3 management side...
CVE-2021-40910
There is a reflective cross-site scripting XSS vulnerability in the PHPCMS V9.6.3 management side...
Cross site scripting
There is a reflective cross-site scripting XSS vulnerability in the PHPCMS V9.6.3 management side...
CVE-2021-40910
There is a reflective cross-site scripting XSS vulnerability in the PHPCMS V9.6.3 management side...
CVE-2021-40910
PHPCMS V9.6.3 management side is affected by a reflective XSS vulnerability. The root cause, per the documents, is a lack of proper input filtering/escaping for parameters on the admin side. This could enable injection of malicious scripts via user-supplied input that is reflected in the web inte...