Lucene search

Dhcms Project Security Vulnerabilities

cve

CVE-2019-9550

DhCms through 2017-09-18 has admin.php?r=admin/Index/index XSS.

4.8CVSS

5.2AI Score

0.001EPSS

2022-10-03 04:19 PM

cve

CVE-2020-19274

A Cross SIte Scripting (XSS) vulnerability exists in Dhcms 2017-09-18 in guestbook via the message board, which could let a remote malicious user execute arbitrary code.

6.1CVSS

6.1AI Score

0.001EPSS

2021-05-12 05:15 PM

cve

CVE-2020-19275

An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid characters after the normal interface, which causes an error that will leak the physical path.

5.3CVSS

4.9AI Score

0.001EPSS

2021-05-12 06:15 PM

cve

CVE-2022-28527

dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del.

8.1CVSS

8.1AI Score

0.001EPSS

2022-04-26 09:15 PM