Filtered by vendor Publiccms Subscriptions
Filtered by product Publiccms Subscriptions
Total 30 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-40548 1 Publiccms 1 Publiccms 2024-08-02 8.8 High
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
CVE-2024-40549 1 Publiccms 1 Publiccms 2024-08-02 8.8 High
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlace of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
CVE-2024-40547 1 Publiccms 1 Publiccms 2024-08-02 6.5 Medium
PublicCMS v4.0.202302.e was discovered to contain an arbitrary file content replacement vulnerability via the component /admin/cmsTemplate/replace.
CVE-2024-40552 1 Publiccms 1 Publiccms 2024-08-02 8.8 High
PublicCMS v4.0.202302.e was discovered to contain a remote commande execution (RCE) vulnerability via the cmdarray parameter at /site/ScriptComponent.java.
CVE-2024-40551 1 Publiccms 1 Publiccms 2024-08-02 6.2 Medium
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
CVE-2024-40550 1 Publiccms 1 Publiccms 2024-08-02 8.8 High
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of Public CMS v.4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
CVE-2024-40543 1 Publiccms 1 Publiccms 2024-08-02 6.4 Medium
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the component /admin/ueditor?action=catchimage.
CVE-2024-40545 1 Publiccms 1 Publiccms 2024-08-02 7.2 High
An arbitrary file upload vulnerability in the component /admin/cmsWebFile/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
CVE-2024-40546 1 Publiccms 1 Publiccms 2024-08-02 8.8 High
An arbitrary file upload vulnerability in the component /admin/cmsWebFile/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
CVE-2024-40544 1 Publiccms 1 Publiccms 2024-08-02 8.8 High
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the component /admin/#maintenance_sysTask/edit.