Vulnerabilities > Nucleuscms

DATE	CVE	VULNERABILITY TITLE	RISK
2023-06-20	CVE-2020-21474	Unrestricted Upload of File with Dangerous Type vulnerability in Nucleuscms 3.71 File Upload vulnerability in NucleusCMS v.3.71 allows a remote attacker to execute arbitrary code via the /nucleus/plugins/skinfiles/?dir=rsd parameter. network low complexity nucleuscms CWE-434 critical	9.8
2022-06-30	CVE-2021-37770	Unrestricted Upload of File with Dangerous Type vulnerability in Nucleuscms Nucleus CMS 3.71 Nucleus CMS v3.71 is affected by a file upload vulnerability. network low complexity nucleuscms CWE-434	7.2
2018-12-10	CVE-2018-16636	Cross-site Scripting vulnerability in Nucleuscms Nucleus CMS 3.70 Nucleus CMS 3.70 allows HTML Injection via the index.php body parameter. network low complexity nucleuscms CWE-79	6.5

Vulnerabilities > Nucleuscms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Nucleuscms"}]}