11 matches found
EUVD-2018-10633
Malware in sbrugna...
EUVD-2023-51148
Malicious code in bioql PyPI...
CVE-2024-40551
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2022-23389
PublicCMS v4.0 was discovered to contain a remote code execution RCE vulnerability via the cmdarray parameter...
Remote code execution
PublicCMS v4.0 was discovered to contain a remote code execution RCE vulnerability via the cmdarray parameter...
CVE-2021-40881
An issue in the BAT file parameters of PublicCMS v4.0 allows attackers to execute arbitrary code...
Code injection
An issue in the BAT file parameters of PublicCMS v4.0 allows attackers to execute arbitrary code...
CVE-2021-40881
An issue in the BAT file parameters of PublicCMS v4.0 allows attackers to execute arbitrary code...
CVE-2018-18927
An issue was discovered in PublicCMS V4.0. It allows XSS by modifying the pagelist "attached" attribute which typically has 'class="icon-globe icon-large"' in its value, as demonstrated by an 'UPDATE sysmodule SET attached = "XSS" WHERE id="pagelist"' statement...
CVE-2018-18927
An issue was discovered in PublicCMS V4.0. It allows XSS by modifying the pagelist "attached" attribute which typically has 'class="icon-globe icon-large"' in its value, as demonstrated by an 'UPDATE sysmodule SET attached = "XSS" WHERE id="pagelist"' statement...
Design/Logic Flaw
An issue was discovered in PublicCMS V4.0. It allows XSS by modifying the pagelist "attached" attribute which typically has 'class="icon-globe icon-large"' in its value, as demonstrated by an 'UPDATE sysmodule SET attached = "XSS" WHERE id="pagelist"' statement...