Lucene search
K
Dhcms ProjectDhcms

4 matches found

CVE
CVE
added 2022/04/26 8:29 p.m.85 views

CVE-2022-28527

CVE-2022-28527 affects the DhCms release v20170919, where an arbitrary folder deletion vulnerability exists via the admin endpoint /admin.php?r=admin/AdminBackup/del. The connected records confirm the vulnerable component and the attack vector, but do not specify concrete patch versions or remedi...

8.1CVSS8.1AI score0.01029EPSS
Web
CVE
CVE
added 2021/05/12 5:13 p.m.72 views

CVE-2020-19275

The CVE-2020-19275 entry concerns dhcms 2017-09-18. Affected software: Dhcms (Dinghua Cloud CMS) using PHP/MySQL. Vulnerability: Information Disclosure via improper handling when users enter invalid characters after the normal interface, triggering an error that leaks the server’s physical path. ...

5.3CVSS4.9AI score0.01179EPSS
CVE
CVE
added 2021/05/12 4:26 p.m.58 views

CVE-2020-19274

CVE-2020-19274 concerns a Cross-Site Scripting (XSS) vulnerability in Dhcms 2017-09-18, affecting the guestbook via the message board. The available connected documents identify Dhcms as the affected software and describe the vulnerability as allowing a remote attacker to execute arbitrary code t...

6.1CVSS6.1AI score0.00852EPSS
CVE
CVE
added 2019/03/03 7:0 p.m.43 views

CVE-2019-9550

CVE-2019-9550 affects DhCms (DhCms through 2017-09-18) with an XSS in admin.php?r=admin/Index/index. The root cause is a stored/reflected XSS in the admin backend, enabling an attacker to potentially obtain cookie information (per CNVD-2019-08720). Multiple sources (NVD, Red Hat, CNVD) report the...

4.8CVSS5.2AI score0.0064EPSS
Web