CVE-2025-5498 slackero phpwcms Custom Source Tab cnt21.readform.inc.php is_file deserialization

A vulnerability was found in slackero phpwcms up to 1.9.45/1.10.8. It has been rated as critical. This issue affects the function filegetcontents/isfile of the file include/inclib/content/cnt21.readform.inc.php of the component Custom Source Tab. The manipulation of the argument cpagecustom leads...

CVE-2025-5498 slackero phpwcms Custom Source Tab cnt21.readform.inc.php is_file deserialization

A vulnerability was found in slackero phpwcms up to 1.9.45/1.10.8. It has been rated as critical. This issue affects the function filegetcontents/isfile of the file include/inclib/content/cnt21.readform.inc.php of the component Custom Source Tab. The manipulation of the argument cpagecustom leads...

CVE-2025-5497

A vulnerability was detected in slackero phpwcms up to 1.9.45/1.10.8. The impacted element is an unknown function of the file include/incmodule/modfeedimport/inc/processing.inc.php of the component Feedimport Module. Performing manipulation of the argument cnttext results in deserialization. The...

CVE-2025-5497

A vulnerability was detected in slackero phpwcms up to 1.9.45/1.10.8. The impacted element is an unknown function of the file include/incmodule/modfeedimport/inc/processing.inc.php of the component Feedimport Module. Performing manipulation of the argument cnttext results in deserialization. The...

CVE-2025-5497 slackero phpwcms Feedimport processing.inc.php deserialization

A vulnerability was detected in slackero phpwcms up to 1.9.45/1.10.8. The impacted element is an unknown function of the file include/incmodule/modfeedimport/inc/processing.inc.php of the component Feedimport Module. Performing manipulation of the argument cnttext results in deserialization. The...

CVE-2025-5497

CVE-2025-5497 affects Slackero’s phpwcms Feedimport Module (processing.inc.php) where manipulating the cnt_text argument leads to deserialization. The vulnerability exists in phpwcms versions up to 1.9.45/1.10.8 and can be triggered remotely; public exploits have been disclosed. A fix is availabl...

CVE-2025-5497 slackero phpwcms Feedimport processing.inc.php deserialization

A vulnerability was detected in slackero phpwcms up to 1.9.45/1.10.8. The impacted element is an unknown function of the file include/incmodule/modfeedimport/inc/processing.inc.php of the component Feedimport Module. Performing manipulation of the argument cnttext results in deserialization. The...

phpwcms 代码问题漏洞

phpwcms is an open source web content management system from slackero open source. It is fast, easy to install and can run on any standard web server platform that supports PHP/MySQL. A code issue vulnerability exists in phpwcms 1.9.45 and 1.10.8 and earlier versions, which stems from an incorrec...

PT-2025-23613

Name of the Vulnerable Software and Affected Versions slackero phpwcms versions 1.9.45 and earlier, slackero phpwcms versions 1.10.8 and earlier Description A critical issue affects the function file get contents/is file of the file include/inc lib/content/cnt21.readform.inc.php in the Custom...

phpwcms 代码问题漏洞

phpwcms is an open source web content management system from slackero open source. It is fast, easy to install and runs on any standard web server platform that supports PHP/MySQL. A security vulnerability exists in phpwcms 1.9.45 and 1.10.8 and earlier versions, which stems from an incorrect...

PT-2025-23612 · Phpcms · Phpcms

Name of the Vulnerable Software and Affected Versions: phpwcms versions 1.9.45 through 1.10.8 Description: A critical vulnerability was found in the Feedimport Module of phpwcms, affecting unknown code in the file include/inc module/mod feedimport/inc/processing.inc.php. The manipulation of the c...

PT-2025-23614

Name of the Vulnerable Software and Affected Versions slackero phpwcms versions 1.9.45 and earlier, slackero phpwcms versions 1.10.8 and earlier Description A critical vulnerability has been found in the function is file/getimagesize of the file image resized.php. The manipulation of the argument...

phpwcms 代码问题漏洞

phpwcms is an open source web content management system from slackero open source. It is fast, easy to install and can run on any standard web server platform that supports PHP/MySQL. A code issue vulnerability exists in phpwcms 1.9.45 and 1.10.8 and earlier versions, which stems from an incorrec...

CVE-2021-36426

File Upload vulnerability in phpwcms 1.9.25 allows remote attackers to run arbitrary code via crafted file upload to include/inclib/general.inc.php...

CVE-2021-4302

A vulnerability was found in slackero phpwcms up to 1.9.26. It has been classified as problematic. This affects an unknown part of the component SVG File Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.9.27 is able to...

CVE-2021-36424

An issue discovered in phpwcms 1.9.25 allows remote attackers to run arbitrary code via DB user field during installation...

CVE-2020-21784

phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setup.php...

CVE-2020-19855

phpwcms v1.9 contains a cross-site scripting XSS vulnerability in /imagezoom.php...

CVE-2017-15872

phpwcms 1.8.9 has XSS in include/inctmpl/admin.edituser.tmpl.php and include/inctmpl/admin.newuser.tmpl.php via the username aka newlogin field...

CVE-2011-3789

phpwcms 1.4.7 r412 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by template/incscript/frontendrender/disabled/majonavi.php and certain other files...