Vulnerabilities > Alfasado > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-09-08 CVE-2022-33941 OS Command Injection vulnerability in Alfasado Powercms
PowerCMS XMLRPC API provided by Alfasado Inc.
network
low complexity
alfasado CWE-78
critical
 9.8
9.8
2021-11-24 CVE-2021-20850 OS Command Injection vulnerability in Alfasado Powercms
PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49 and earlier, PowerCMS 3.295 and earlier, and PowerCMS 2 Series (End-of-Life, EOL) allows a remote attacker to execute an arbitrary OS command via unspecified vectors.
network
low complexity
alfasado CWE-78
critical
 9.8
9.8