EUVD-2019-18298

Malware in sbrugna...

EUVD-2019-18296

Malware in sbrugna...

CVE-2024-48239

An issue was discovered in WTCMS 1.0. In the plupload method in \AssetController.class.php, the app parameters aren't processed, resulting in Cross Site Scripting XSS...

CVE-2024-48237

WTCMS 1.0 is vulnerable to Incorrect Access Control in \Common\Controller\HomebaseController.class.php...

CVE-2020-20344

WTCMS 1.0 contains a reflective cross-site scripting XSS vulnerability in the keyword search function under the background articles module...

CVE-2019-8911

An issue was discovered in WTCMS 1.0. It has stored XSS via the third text box for the website statistics code...

CVE-2019-8909

An issue was discovered in WTCMS 1.0. It allows remote attackers to cause a denial of service resource consumption via crafted dimensions for the verification code image...

CVE-2019-8908

An issue was discovered in WTCMS 1.0. It allows remote attackers to execute arbitrary PHP code by going to the "Setting - Mailbox configuration - Registration email template" screen, and uploading an image file, as demonstrated by a .php filename and the "Content-Type: image/gif" header...