Vulnerabilities > Otcms
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-13 | CVE-2023-6772 | SQL Injection vulnerability in Otcms 7.01 A vulnerability, which was classified as critical, was found in OTCMS 7.01. | 7.2 |
2023-06-14 | CVE-2023-3239 | Path Traversal: '../filedir' vulnerability in Otcms A vulnerability, which was classified as problematic, was found in OTCMS up to 6.62. | 7.5 |
2023-06-14 | CVE-2023-3240 | Path Traversal: '../filedir' vulnerability in Otcms A vulnerability has been found in OTCMS up to 6.62 and classified as problematic. | 6.5 |
2023-06-14 | CVE-2023-3241 | Path Traversal vulnerability in Otcms A vulnerability was found in OTCMS up to 6.62 and classified as problematic. | 7.5 |
2023-06-14 | CVE-2023-3237 | Use of Hard-coded Credentials vulnerability in Otcms A vulnerability classified as critical was found in OTCMS up to 6.62. | 9.8 |
2023-06-14 | CVE-2023-3238 | Server-Side Request Forgery (SSRF) vulnerability in Otcms A vulnerability, which was classified as critical, has been found in OTCMS up to 6.62. | 9.8 |
2023-04-02 | CVE-2023-1797 | Unrestricted Upload of File with Dangerous Type vulnerability in Otcms 6.01 A vulnerability classified as critical was found in OTCMS 6.0.1. | 9.8 |
2023-03-25 | CVE-2023-1634 | Server-Side Request Forgery (SSRF) vulnerability in Otcms 6.72 A vulnerability was found in OTCMS 6.72. | 9.8 |
2023-03-25 | CVE-2023-1635 | Cross-site Scripting vulnerability in Otcms 6.72 A vulnerability was found in OTCMS 6.72. | 6.1 |
2019-10-09 | CVE-2019-17370 | SQL Injection vulnerability in Otcms 3.85 OTCMS v3.85 allows arbitrary PHP Code Execution because admin/sysCheckFile_deal.php blocks "into outfile" in a SELECT statement, but does not block the "into/**/outfile" manipulation. | 7.2 |