Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-16192 | 1 Doccms | 1 Doccms | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
upload_model() in /admini/controllers/system/managemodel.php in DocCms 2016.5.17 allow remote attackers to execute arbitrary PHP code through module management files, as demonstrated by a .php file in a ZIP archive. | |||||
CVE-2018-18835 | 1 Doccms | 1 Doccms | 2018-12-06 | 7.5 HIGH | 9.8 CRITICAL |
upload_template() in system/changeskin.php in DocCms 2016.5.12 allows remote attackers to execute arbitrary PHP code via a template file. |