Vulnerabilities > Greencms > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-11-20 CVE-2018-19376 Cross-Site Request Forgery (CSRF) vulnerability in Greencms 2.3.0603
An issue was discovered in GreenCMS v2.3.0603.
network
low complexity
greencms CWE-352
6.5
6.5
2018-11-17 CVE-2018-19329 Path Traversal vulnerability in Greencms 2.3.0603
GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button.
network
low complexity
greencms CWE-22
4.9
4.9