Dswjcms Project CVE

Filtered by vendor Dswjcms Project Subscriptions

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2020-19268	1 Dswjcms Project	1 Dswjcms	2024-08-04	5.7 Medium
A cross-site request forgery (CSRF) in index.php/Dswjcms/User/tfAdd of Dswjcms 1.6.4 allows authenticated attackers to arbitrarily add administrator users.
CVE-2020-19267	1 Dswjcms Project	1 Dswjcms	2024-08-04	9.8 Critical
An issue in index.php/Dswjcms/Basis/resources of Dswjcms 1.6.4 allows attackers to execute arbitrary code via uploading a crafted PHP file.
CVE-2020-19265	1 Dswjcms Project	1 Dswjcms	2024-08-04	6.1 Medium
A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Basis/links component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML.
CVE-2020-19266	1 Dswjcms Project	1 Dswjcms	2024-08-04	6.1 Medium
A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Site/articleList component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML.

Page 1 of 1.