Filtered by vendor Greencms
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-19329 | 1 Greencms | 1 Greencms | 2020-08-24 | 5.5 MEDIUM | 4.9 MEDIUM |
GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button. | |||||
CVE-2018-19376 | 1 Greencms | 1 Greencms | 2018-12-18 | 5.8 MEDIUM | 6.5 MEDIUM |
An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to delete a log file via the index.php?m=admin&c=data&a=clear URI. | |||||
CVE-2018-12988 | 1 Greencms | 1 Greencms | 2018-08-20 | 5.0 MEDIUM | 7.5 HIGH |
GreenCMS 2.3.0603 has an arbitrary file download vulnerability via an index.php?m=admin&c=media&a=downfile URI. |