Cms Security Vulnerabilities and Issues — Cms CVE List

Lucene search

SchlixCms

2 matches found

CVE•added 2019/10/24 4:15 p.m.•72 views

CVE-2019-11021

admin/app/mediamanager in Schlix CMS 2.1.8-7 allows Authenticated Unrestricted File Upload, leading to remote code execution. NOTE: "While inadvertently allowing a PHP file to be uploaded via Media Manager was an oversight, it still requires an admin permission. We think it's pretty rare for an adm...

7.2CVSS7.3AI score0.03263EPSS

CVE•added 2024/01/31 3:15 a.m.•30 views

CVE-2023-31505

An arbitrary file upload vulnerability in Schlix CMS v2.2.8-1, allows remote authenticated attackers to execute arbitrary code and obtain sensitive information via a crafted .phtml file.

7.2CVSS7AI score0.00969EPSS