Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-19275 | 1 Dhcms Project | 1 Dhcms | 2022-10-05 | 5.0 MEDIUM | 5.3 MEDIUM |
An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid characters after the normal interface, which causes an error that will leak the physical path. | |||||
CVE-2022-28527 | 1 Dhcms Project | 1 Dhcms | 2022-05-05 | 5.5 MEDIUM | 8.1 HIGH |
dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del. | |||||
CVE-2020-19274 | 1 Dhcms Project | 1 Dhcms | 2021-05-18 | 4.3 MEDIUM | 6.1 MEDIUM |
A Cross SIte Scripting (XSS) vulnerability exists in Dhcms 2017-09-18 in guestbook via the message board, which could let a remote malicious user execute arbitrary code. | |||||
CVE-2019-9550 | 1 Dhcms Project | 1 Dhcms | 2019-03-04 | 3.5 LOW | 4.8 MEDIUM |
DhCms through 2017-09-18 has admin.php?r=admin/Index/index XSS. |