WTCMS 1.0 has a CSRF vulnerability to add an administrator account via the index.php?admin&m=user&a=add_post URI.
8.8CVSS
8.5AI Score
0.002EPSS
6.5CVSS
6.5AI Score
0.001EPSS
An issue was discovered in WTCMS 1.0. It allows remote attackers to execute arbitrary PHP code by going to the "Setting -> Mailbox configuration -> Registration email template" screen, and uploading an image file, as demonstrated by a .php filename and the "Content-Type: image/gif" header.
9.8CVSS
9.7AI Score
0.033EPSS
An issue was discovered in WTCMS 1.0. It allows remote attackers to cause a denial of service (resource consumption) via crafted dimensions for the verification code image.
7.5CVSS
7.5AI Score
0.002EPSS
An issue was discovered in WTCMS 1.0. It allows index.php?g=admin&m=setting&a=site_post CSRF.
8.8CVSS
8.6AI Score
0.001EPSS
An issue was discovered in WTCMS 1.0. It has stored XSS via the third text box (for the website statistics code).
6.1CVSS
5.9AI Score
0.001EPSS
WTCMS 1.0 contains a cross-site request forgery (CSRF) vulnerability in the index.php?g=admin&m=nav&a=add_post component that allows attackers to arbitrarily add articles in the administrator background.
6.5CVSS
6.4AI Score
0.001EPSS
WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the keyword search function under the background articles module.
5.4CVSS
5.2AI Score
0.001EPSS
WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the page management background which allows attackers to obtain cookies via a crafted payload entered into the search box.
5.4CVSS
5.1AI Score
0.001EPSS
WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the source field under the article management module.
5.4CVSS
5.2AI Score
0.001EPSS
WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link field under the background menu management module.
5.4CVSS
5.2AI Score
0.001EPSS
WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link address field under the background links module.
5.4CVSS
5.2AI Score
0.001EPSS