Pulse Cms@1.2.2 Security Vulnerabilities and Issues — Pulse Cms@1.2.2 CVE List

Lucene search

PulsecmsPulse Cms1.2.2

5 matches found

CVE•added 2010/04/09 5:30 p.m.•49 views

CVE-2010-0993

Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.2 and 1.2.3, and possibly Pulse Pro before 1.3.2, allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified director...

6CVSS7.6AI score0.01186EPSS

CVE•added 2010/04/06 10:30 p.m.•44 views

CVE-2010-1298

Directory traversal vulnerability in view.php in Pulse CMS 1.2.2 allows remote attackers to read arbitrary files via directory traversal sequences in the f parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

4CVSS6.7AI score0.00062EPSS

CVE•added 2010/04/09 5:30 p.m.•38 views

CVE-2010-0992

Multiple cross-site request forgery (CSRF) vulnerabilities in Pulse CMS Basic 1.2.2 and 1.2.3, and possibly Pulse Pro before 1.3.2, allow remote attackers to hijack the authentication of users for requests that (1) upload image files, (2) delete image files, or (3) create blocks.

6.8CVSS7.5AI score0.00142EPSS

CVE•added 2010/03/23 7:30 p.m.•31 views

CVE-2010-1080

Cross-site scripting (XSS) vulnerability in view.php in Pulse CMS 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the f parameter.

4.3CVSS5.9AI score0.00329EPSS

CVE•added 2010/12/07 1:53 p.m.•30 views

CVE-2010-4330

Directory traversal vulnerability in includes/controller.php in Pulse CMS Basic before 1.2.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter to index.php.

6.8CVSS7.1AI score0.07318EPSS