CVE-2020-20402

Westbrookadmin portfolioCMS v1.05 allows attackers to bypass password validation and access sensitive information via session fixation...

portfolioCMS 授权问题漏洞

portfolioCMS is Bootstrap portfolio website with admin panel. A security vulnerability exists in Westbrookadmin portfolioCMS v1.05. An attacker could exploit the vulnerability to bypass password authentication and gain access to sensitive information via session fixation...

Universal Password Login Vulnerability in portfolioCMS

portfolioCMS is an open source website building system. A universal password login vulnerability exists in portfolioCMS. An attacker can exploit this vulnerability to log into the system's backend...

File upload vulnerability in portfolioCMS

portfolioCMS is an open source website building system. A file upload vulnerability exists in portfolioCMS. An attacker can exploit this vulnerability to gain server control privileges...

portfolioCMS Cross-Site Request Forgery Vulnerability (CNVD-2018-16511)

portfolioCMS is a content management system CMS based on PHP and MySQL. A cross-site request forgery vulnerability exists in portfolioCMS version 1.0.5. A remote attacker can exploit this vulnerability to update website settings with the help of the admin/aboutus.php file...

CVE-2018-15849

An issue was discovered in portfolioCMS 1.0.5. There is CSRF to update the website settings via admin/aboutus.php...

CVE-2018-15849

An issue was discovered in portfolioCMS 1.0.5. There is CSRF to update the website settings via admin/aboutus.php...

Cross site request forgery (csrf)

An issue was discovered in portfolioCMS 1.0.5. There is CSRF to update the website settings via admin/aboutus.php...

CVE-2018-15848

An issue was discovered in portfolioCMS 1.0.5. There is CSRF to create new pages via admin/portfolio.php?newpage=true...

CVE-2018-15848

An issue was discovered in portfolioCMS 1.0.5. There is CSRF to create new pages via admin/portfolio.php?newpage=true...

Cross site request forgery (csrf)

An issue was discovered in portfolioCMS 1.0.5. There is CSRF to create new pages via admin/portfolio.php?newpage=true...

CVE-2018-15849

An issue was discovered in portfolioCMS 1.0.5. There is CSRF to update the website settings via admin/aboutus.php...

CVE-2018-15849

CVE-2018-15849 affects portfolioCMS 1.0.5. The CNVD record describes a cross-site request forgery vulnerability that allows a remote attacker to update website settings via admin/aboutus.php. Only CSRF is specified; no exploit details are provided here. CVSSv3 base score is 4.3 (MEDIUM). No remed...

CVE-2018-15848

CVE-2018-15848 affects portfolioCMS 1.0.5. The vulnerability is a Cross-Site Request Forgery that allows a CSRF to create new pages via admin/portfolio.php?newpage=true. The issue is described with a CVSS2 base score of 6.8 (MEDIUM) and CVSS3 base score of 8.8 (HIGH) indicating network-accessible...

CVE-2018-15848

An issue was discovered in portfolioCMS 1.0.5. There is CSRF to create new pages via admin/portfolio.php?newpage=true...

portfolioCMS any.php file upload vulnerability

portfolioCMS is a content management system CMS based on PHP and MySQL. A security vulnerability exists in portfolioCMS version 1.0.5. An attacker can exploit the vulnerability to upload arbitrary .php files with the help of admin/portfolio.php?newpage=true URI...

Code injection

portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI...

CVE-2018-12263

portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI...

CVE-2018-12263

portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI...

CVE-2018-12263

The CVE-2018-12263 entry affects portfolioCMS 1.0.5, with a vulnerability in the admin/portfolio.php?newpage=true URI that allows uploading arbitrary .php files. The connected CNVD/NVD/OSV records confirm this behavior, citing a file-upload vulnerability in portfolioCMS 1.0.5. The underlying root...