Lucene search

Articlecms Security Vulnerabilities

cve

CVE-2018-12339

ArticleCMS through 2017-02-19 has XSS via an "add an article" action.

5.4CVSS

5.2AI Score

0.001EPSS

2018-06-13 07:29 PM

cve

CVE-2018-19469

ArticleCMS through 2017-02-19 has XSS via the /update_personal_infomation realname or email parameter.

6.1CVSS

6AI Score

0.001EPSS

2018-11-23 05:29 AM

cve

CVE-2020-20092

File Upload vulnerability exists in ArticleCMS 1.0 via the image upload feature at /admin by changing the Content-Type to image/jpeg and placing PHP code after the JPEG data, which could let a remote malicious user execute arbitrary PHP code.

9.8CVSS

9.6AI Score

0.005EPSS

2021-05-13 03:15 PM

115

cve

CVE-2020-28063

A file upload issue exists in all versions of ArticleCMS which allows malicious users to getshell.

9.8CVSS

9.3AI Score

0.005EPSS

2021-05-13 03:15 PM