Phpwcms Security Vulnerabilities and Issues — Phpwcms CVE List

Lucene search

PhpwcmsPhpwcms

5 matches found

CVE•added 2023/01/07 10:15 p.m.•64 views

CVE-2021-4301

A vulnerability was found in slackero phpwcms up to 1.9.26 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument $phpwcms['db_prepend'] leads to sql injection. The attack may be launched remotely. Upgrading to version 1.9.27 is able to ad...

9.8CVSS8.3AI score0.00052EPSS

CVE•added 2023/02/03 6:15 p.m.•47 views

CVE-2021-36425

Directory traversal vulnerability in phpcms 1.9.25 allows remote attackers to delete arbitrary files via unfiltered $file parameter to unlink method in include/inc_act/act_ftptakeover.php file.

5.4CVSS5.5AI score0.00407EPSS

CVE•added 2023/01/04 10:15 p.m.•46 views

CVE-2021-4302

A vulnerability was found in slackero phpwcms up to 1.9.26. It has been classified as problematic. This affects an unknown part of the component SVG File Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.9.27 is able to a...

6.1CVSS4.8AI score0.00069EPSS

CVE•added 2023/02/03 6:15 p.m.•37 views

CVE-2021-36424

An issue discovered in phpwcms 1.9.25 allows remote attackers to run arbitrary code via DB user field during installation.

9.8CVSS9.5AI score0.00333EPSS

CVE•added 2023/02/03 6:15 p.m.•30 views

CVE-2021-36426

File Upload vulnerability in phpwcms 1.9.25 allows remote attackers to run arbitrary code via crafted file upload to include/inc_lib/general.inc.php.

8.8CVSS8.8AI score0.00315EPSS