Duxcms@2.1 Security Vulnerabilities and Issues — Duxcms@2.1 CVE List

Lucene search

Duxcms ProjectDuxcms2.1

6 matches found

CVE•added 2022/12/08 10:15 a.m.•59 views

CVE-2020-36609

A vulnerability was found in annyshow DuxCMS 2.1. It has been classified as problematic. This affects an unknown part of the file admin.php&r=article/AdminContent/edit of the component Article Handler. The manipulation of the argument content leads to cross site scripting. It is possible to initiat...

5.4CVSS4.3AI score0.00036EPSS

CVE•added 2022/12/08 10:15 a.m.•42 views

CVE-2020-36610

A vulnerability was found in annyshow DuxCMS 2.1. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of...

8CVSS6AI score0.00147EPSS

CVE•added 2023/07/31 2:15 p.m.•38 views

CVE-2020-21881

Cross Site Request Forgery (CSRF) vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add.

6.5CVSS6.6AI score0.00046EPSS

CVE•added 2023/07/31 4:15 p.m.•34 views

CVE-2020-36763

Cross Site Scripting (XSS) vulnerability in DuxCMS 2.1 allows remote attackers to run arbitrary code via the content, time, copyfrom parameters when adding or editing a post.

5.4CVSS5.4AI score0.00046EPSS

CVE•added 2023/07/06 2:15 p.m.•21 views

CVE-2020-21861

File upload vulnerability in DuxCMS 2.1 allows attackers to execute arbitrary php code via duxcms/AdminUpload/upload.

8.8CVSS8.9AI score0.00077EPSS

CVE•added 2023/07/06 2:15 p.m.•20 views

CVE-2020-21862

Directory traversal vulnerability in DuxCMS 2.1 allows attackers to delete arbitrary files via /admin/AdminBackup/del.

8.1CVSS8AI score0.00184EPSS