tp5cms through 2017-05-25 has XSS via the admin.php/article/index.html q parameter.
6.1CVSS
6AI Score
0.001EPSS
8.8CVSS
8.7AI Score
0.001EPSS
An issue was discovered in tp5cms through 2017-05-25. admin.php/upload/picture.html allows remote attackers to execute arbitrary PHP code by uploading a .php file with the image/jpeg content type.
9.8CVSS
9.6AI Score
0.011EPSS
An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the title parameter.
6.1CVSS
5.9AI Score
0.001EPSS
An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the keywords parameter.
6.1CVSS
5.9AI Score
0.001EPSS