Vulnerabilities > Doccms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-09 | CVE-2019-16192 | Unrestricted Upload of File with Dangerous Type vulnerability in Doccms 2016.5.17 upload_model() in /admini/controllers/system/managemodel.php in DocCms 2016.5.17 allow remote attackers to execute arbitrary PHP code through module management files, as demonstrated by a .php file in a ZIP archive. | 9.8 |
| 2018-10-30 | CVE-2018-18835 | Code Injection vulnerability in Doccms 2016.5.12 upload_template() in system/changeskin.php in DocCms 2016.5.12 allows remote attackers to execute arbitrary PHP code via a template file. | 9.8 |