Insecure Permissions vulnerability in BossCMS v.1.3.0 allows a local attacker to execute arbitrary code and escalate privileges via the init function in admin.class.php...
7.8CVSS
7.9AI Score
0.0004EPSS
Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Add function under the Administrator List...
6.5CVSS
6.6AI Score
0.001EPSS
An arbitrary file upload vulnerability exists in Wenzhou Huoyin Information Technology Co., Ltd. BossCMS 1.0, which can be exploited by an attacker to gain control of the...
9.8CVSS
9.5AI Score
0.002EPSS