Vulnerabilities > Douco
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-18 | CVE-2024-7917 | Unrestricted Upload of File with Dangerous Type vulnerability in Douco Douphp 1.7 A vulnerability, which was classified as critical, has been found in DouPHP 1.7 Release 20220822. | 7.2 |
2023-01-13 | CVE-2022-46438 | Cross-site Scripting vulnerability in Douco Douphp 1.720221118 A cross-site scripting (XSS) vulnerability in the /admin/article_category.php component of DouPHP v1.7 20221118 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the description parameter. | 5.4 |
2022-03-30 | CVE-2022-24131 | Cross-site Scripting vulnerability in Douco Douphp 1.6 DouPHP v1.6 Release 20220121 is affected by Cross Site Scripting (XSS) through /admin/login.php in the background, which will lead to JavaScript code execution. | 6.1 |
2022-03-25 | CVE-2022-25574 | Cross-site Scripting vulnerability in Douco Douphp 1.6 A stored cross-site scripting (XSS) vulnerability in the upload function of /admin/show.php allows attackers to execute arbitrary web scripts or HTML via a crafted image file. | 4.8 |
2021-12-08 | CVE-2021-3370 | Cross-site Scripting vulnerability in Douco Douphp 1.6 DouPHP v1.6 was discovered to contain a cross-site scripting (XSS) vulnerability via /admin/cloud.php. | 6.1 |
2019-06-03 | CVE-2019-12564 | Improper Authentication vulnerability in Douco Douphp 1.5 In DouCo DouPHP v1.5 Release 20190516, remote attackers can view the database backup file via a brute-force guessing approach for data/backup/DyyyymmddThhmmss.sql filenames. | 9.8 |
2018-12-28 | CVE-2018-20567 | Incorrect Permission Assignment for Critical Resource vulnerability in Douco Douphp 1.5 An issue was discovered in DouCo DouPHP 1.5 20181221. | 5.3 |
2018-12-28 | CVE-2018-20566 | Path Traversal vulnerability in Douco Douphp 1.5 An issue was discovered in DouCo DouPHP 1.5 20181221. | 5.3 |
2018-12-28 | CVE-2018-20565 | Cross-site Scripting vulnerability in Douco Douphp 1.5 An issue was discovered in DouCo DouPHP 1.5 20181221. | 4.8 |
2018-12-28 | CVE-2018-20564 | Cross-site Scripting vulnerability in Douco Douphp 1.5 An issue was discovered in DouCo DouPHP 1.5 20181221. | 4.8 |