Powercms Security Vulnerabilities and Issues — Powercms CVE List

Lucene search

AlfasadoPowercms

4 matches found

CVE•added 2019/12/26 4:15 p.m.•38 views

CVE-2019-6020

Open redirect vulnerability in PowerCMS 5.12 and earlier (PowerCMS 5.x), 4.42 and earlier (PowerCMS 4.x), and 3.293 and earlier (PowerCMS 3.x) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL.

6.1CVSS6.2AI score0.0039EPSS

CVE•added 2023/12/26 6:15 a.m.•37 views

CVE-2023-50297

Open redirect vulnerability in PowerCMS (6 Series, 5 Series, and 4 Series) allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. Note that all versions of PowerCMS 3 Series and earlier which are unsupported (End-of-Life, EOL) are also affecte...

6.1CVSS6.2AI score0.00323EPSS

CVE•added 2025/07/31 8:15 a.m.•6 views

CVE-2025-36563

Reflected cross-site scripting vulnerability exists in multiple versions of PowerCMS. If a product administrator accesses a crafted URL, an arbitrary script may be executed on the browser.

6.1CVSS6AI score0.00033EPSS

CVE•added 2025/07/31 8:15 a.m.•5 views

CVE-2025-41396

A path traversal issue exists in file uploading feature of multiple versions of PowerCMS. Arbitrary files may be overwritten by a product user.

6.5CVSS6.6AI score0.00054EPSS