4.8CVSS
5.2AI Score
0.001EPSS
A Cross SIte Scripting (XSS) vulnerability exists in Dhcms 2017-09-18 in guestbook via the message board, which could let a remote malicious user execute arbitrary code.
6.1CVSS
6.1AI Score
0.001EPSS
An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid characters after the normal interface, which causes an error that will leak the physical path.
5.3CVSS
4.9AI Score
0.001EPSS
dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del.
8.1CVSS
8.1AI Score
0.001EPSS