Vulnerabilities > Alfasado > Powercms > 3.294
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-26 | CVE-2023-49117 | Cross-site Scripting vulnerability in Alfasado Powercms PowerCMS (6 Series, 5 Series, and 4 Series) contains a stored cross-site scripting vulnerability. | 5.4 |
| 2023-12-26 | CVE-2023-50297 | Open Redirect vulnerability in Alfasado Powercms Open redirect vulnerability in PowerCMS (6 Series, 5 Series, and 4 Series) allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. | 6.1 |
| 2022-09-08 | CVE-2022-33941 | OS Command Injection vulnerability in Alfasado Powercms PowerCMS XMLRPC API provided by Alfasado Inc. | 9.8 |
| 2021-11-24 | CVE-2021-20850 | OS Command Injection vulnerability in Alfasado Powercms PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49 and earlier, PowerCMS 3.295 and earlier, and PowerCMS 2 Series (End-of-Life, EOL) allows a remote attacker to execute an arbitrary OS command via unspecified vectors. | 7.5 |