Vulnerabilities > Pescms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-06 | CVE-2021-31676 | Cross-site Scripting vulnerability in Pescms Team 2.3.3 A reflected XSS was discovered in PESCMS-V2.3.3. | 6.1 |
| 2022-07-06 | CVE-2021-31677 | Cross-Site Request Forgery (CSRF) vulnerability in Pescms Team 2.3.3 An issue was discovered in PESCMS-V2.3.3. | 6.5 |
| 2022-07-06 | CVE-2021-31678 | Cross-Site Request Forgery (CSRF) vulnerability in Pescms Team 2.3.3 An issue was discovered in PESCMS-V2.3.3. | 6.5 |
| 2022-07-06 | CVE-2021-31679 | Cross-Site Request Forgery (CSRF) vulnerability in Pescms Team 2.3.3 An issue was discovered in PESCMS-V2.3.3. | 6.5 |
| 2020-11-17 | CVE-2020-28092 | Cross-site Scripting vulnerability in Pescms Team 2.3.2 PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=Team&m=Task&a=my&status=3&id=,?g=Team&m=Task&a=my&status=0&id=,?g=Team&m=Task&a=my&status=1&id=,?g=Team&m=Task&a=my&status=10&id= | 6.1 |
| 2018-09-03 | CVE-2018-16371 | Cross-site Scripting vulnerability in Pescms Team 2.2.1 PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=User_group&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=. | 6.1 |
| 2018-09-03 | CVE-2018-16370 | Unrestricted Upload of File with Dangerous Type vulnerability in Pescms Team 2.2.1 In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive. | 9.8 |