Wtcms Security Vulnerabilities and Issues — Wtcms CVE List

Lucene search

Wtcms ProjectWtcms

6 matches found

CVE•added 2021/09/01 10:15 p.m.•34 views

CVE-2020-20343

WTCMS 1.0 contains a cross-site request forgery (CSRF) vulnerability in the index.php?g=admin&m=nav&a=add_post component that allows attackers to arbitrarily add articles in the administrator background.

6.5CVSS6.4AI score0.00098EPSS

CVE•added 2021/09/01 10:15 p.m.•34 views

CVE-2020-20345

WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the page management background which allows attackers to obtain cookies via a crafted payload entered into the search box.

5.4CVSS5.1AI score0.00296EPSS

CVE•added 2021/09/01 10:15 p.m.•33 views

CVE-2020-20349

WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link address field under the background links module.

5.4CVSS5.2AI score0.00261EPSS

CVE•added 2021/09/01 10:15 p.m.•31 views

CVE-2020-20344

WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the keyword search function under the background articles module.

5.4CVSS5.2AI score0.00261EPSS

CVE•added 2021/09/01 10:15 p.m.•29 views

CVE-2020-20347

WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the source field under the article management module.

5.4CVSS5.2AI score0.00261EPSS

CVE•added 2021/09/01 10:15 p.m.•25 views

CVE-2020-20348

WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link field under the background menu management module.

5.4CVSS5.2AI score0.00261EPSS