Vulnerabilities > 1234N > Minicms > High

DATE CVE VULNERABILITY TITLE RISK
2022-06-28 CVE-2020-19896 Unspecified vulnerability in 1234N Minicms 1.9
File inclusion vulnerability in Minicms v1.9 allows remote attackers to execute arbitary PHP code via post-edit.php.
network
low complexity
1234n
7.5
7.5
2021-01-05 CVE-2020-36052 Path Traversal vulnerability in 1234N Minicms 1.10
Directory traversal vulnerability in post-edit.php in MiniCMS V1.10 allows remote attackers to include and execute arbitrary files via the state parameter.
network
low complexity
1234n CWE-22
7.5
7.5
2018-11-01 CVE-2018-18892 Code Injection vulnerability in 1234N Minicms 1.10
MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php sitename parameter, which affects the site_name field in mc_conf.php.
network
low complexity
1234n CWE-94
7.5
7.5