Vulnerabilities > Dhcms Project

DATE CVE VULNERABILITY TITLE RISK
2022-04-26 CVE-2022-28527 Path Traversal vulnerability in Dhcms Project Dhcms 20170919
dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del.
network
low complexity
dhcms-project CWE-22
5.5
2021-05-12 CVE-2020-19275 Information Exposure Through an Error Message vulnerability in Dhcms Project Dhcms 20170918
An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid characters after the normal interface, which causes an error that will leak the physical path.
network
low complexity
dhcms-project CWE-209
5.3
2021-05-12 CVE-2020-19274 Cross-site Scripting vulnerability in Dhcms Project Dhcms 20170918
A Cross SIte Scripting (XSS) vulnerability exists in Dhcms 2017-09-18 in guestbook via the message board, which could let a remote malicious user execute arbitrary code.
4.3
2019-03-03 CVE-2019-9550 Cross-site Scripting vulnerability in Dhcms Project Dhcms 20170918
DhCms through 2017-09-18 has admin.php?r=admin/Index/index XSS.
3.5