Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-19692 | 1 Tp5cms Project | 1 Tp5cms | 2018-12-27 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in tp5cms through 2017-05-25. admin.php/upload/picture.html allows remote attackers to execute arbitrary PHP code by uploading a .php file with the image/jpeg content type. | |||||
CVE-2018-19693 | 1 Tp5cms Project | 1 Tp5cms | 2018-12-27 | 4.3 MEDIUM | 6.1 MEDIUM |
An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the title parameter. | |||||
CVE-2018-15568 | 1 Tp5cms Project | 1 Tp5cms | 2018-11-01 | 6.8 MEDIUM | 8.8 HIGH |
tp5cms through 2017-05-25 has CSRF via admin.php/category/delete.html. | |||||
CVE-2018-15566 | 1 Tp5cms Project | 1 Tp5cms | 2018-10-12 | 4.3 MEDIUM | 6.1 MEDIUM |
tp5cms through 2017-05-25 has XSS via the admin.php/article/index.html q parameter. |