Lucene search
+L

8 matches found

prion
prion
added 2021/05/06 6:15 p.m.10 views

Arbitrary file deletion

Arbitrary File Deletion vulnerability in puppyCMS v5.1 allows remote malicious attackers to delete the file/folder via /admin/functions.php...

5CVSS7.5AI score0.00779EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2021/05/06 5:37 p.m.15 views

CVE-2020-18888

Arbitrary File Deletion vulnerability in puppyCMS v5.1 allows remote malicious attackers to delete the file/folder via /admin/functions.php...

7.5AI score0.00779EPSS
Exploits1References1
cve
cve
added 2021/05/06 5:37 p.m.45 views

CVE-2020-18888

The CVE-2020-18888 entry concerns puppyCMS v5.1 with an Arbitrary File Deletion vulnerability. According to the documents, a remote attacker can delete files/folders via the vulnerable endpoint /admin/functions.php, due to insufficient path validation/restrictions. The issue is described across m...

7.5CVSS7.5AI score0.00779EPSS
Exploits1References1Affected Software1
nvd
nvd
added 2021/05/06 5:15 p.m.20 views

CVE-2020-18889

Cross Site Request Forgery CSRF vulnerability in puppyCMS v5.1 that can change the admin's password via /admin/settings.php...

6.5CVSS0.00506EPSS
Exploits1References1
prion
prion
added 2021/05/06 5:15 p.m.12 views

Cross site request forgery (csrf)

Cross Site Request Forgery CSRF vulnerability in puppyCMS v5.1 that can change the admin's password via /admin/settings.php...

4.3CVSS6.7AI score0.00506EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2021/05/06 5:4 p.m.26 views

CVE-2020-18890

Rmote Code Execution RCE vulnerability in puppyCMS v5.1 due to insecure permissions, which could let a remote malicious user getshell via /admin/functions.php...

9.5AI score0.01519EPSS
Exploits1References1
cve
cve
added 2021/05/06 5:4 p.m.59 views

CVE-2020-18890

CVE-2020-18890 affects puppyCMS v5.1 (puppyCMS, puppetCMS) with an RCE due to insecure permissions. The vulnerability allows a remote attacker to gain shell access via /admin/functions.php. Root cause: insecure file/permission handling in the admin function. Impact is described as remote code exe...

9.8CVSS9.3AI score0.01519EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2021/05/06 4:54 p.m.30 views

CVE-2020-18889

Cross Site Request Forgery CSRF vulnerability in puppyCMS v5.1 that can change the admin's password via /admin/settings.php...

6.7AI score0.00506EPSS
Exploits1References1
Rows per page
Query Builder