Vulnerabilities > Douco > Douphp > 1.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-30 | CVE-2022-24131 | Cross-site Scripting vulnerability in Douco Douphp 1.6 DouPHP v1.6 Release 20220121 is affected by Cross Site Scripting (XSS) through /admin/login.php in the background, which will lead to JavaScript code execution. | 6.1 |
| 2022-03-25 | CVE-2022-25574 | Cross-site Scripting vulnerability in Douco Douphp 1.6 A stored cross-site scripting (XSS) vulnerability in the upload function of /admin/show.php allows attackers to execute arbitrary web scripts or HTML via a crafted image file. | 4.8 |
| 2021-12-08 | CVE-2021-3370 | Cross-site Scripting vulnerability in Douco Douphp 1.6 DouPHP v1.6 was discovered to contain a cross-site scripting (XSS) vulnerability via /admin/cloud.php. | 6.1 |