Filtered by vendor Publiccms
Subscriptions
Total
29 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-40549 | 1 Publiccms | 1 Publiccms | 2024-08-02 | 8.8 High |
| An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlace of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. | ||||
| CVE-2024-40547 | 1 Publiccms | 1 Publiccms | 2024-08-02 | 6.5 Medium |
| PublicCMS v4.0.202302.e was discovered to contain an arbitrary file content replacement vulnerability via the component /admin/cmsTemplate/replace. | ||||
| CVE-2024-40552 | 1 Publiccms | 1 Publiccms | 2024-08-02 | 8.8 High |
| PublicCMS v4.0.202302.e was discovered to contain a remote commande execution (RCE) vulnerability via the cmdarray parameter at /site/ScriptComponent.java. | ||||
| CVE-2024-40551 | 1 Publiccms | 1 Publiccms | 2024-08-02 | 6.2 Medium |
| An arbitrary file upload vulnerability in the component /admin/cmsTemplate/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. | ||||
| CVE-2024-40550 | 1 Publiccms | 1 Publiccms | 2024-08-02 | 8.8 High |
| An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of Public CMS v.4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. | ||||
| CVE-2024-40543 | 1 Publiccms | 1 Publiccms | 2024-08-02 | 6.4 Medium |
| PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the component /admin/ueditor?action=catchimage. | ||||
| CVE-2024-40545 | 1 Publiccms | 1 Publiccms | 2024-08-02 | 7.2 High |
| An arbitrary file upload vulnerability in the component /admin/cmsWebFile/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. | ||||
| CVE-2024-40546 | 1 Publiccms | 1 Publiccms | 2024-08-02 | 8.8 High |
| An arbitrary file upload vulnerability in the component /admin/cmsWebFile/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. | ||||
| CVE-2024-40544 | 1 Publiccms | 1 Publiccms | 2024-08-02 | 8.8 High |
| PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the component /admin/#maintenance_sysTask/edit. | ||||