Vulnerabilities > Phome

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-09	CVE-2018-18086	Unrestricted Upload of File with Dangerous Type vulnerability in Phome Empirecms 7.5 EmpireCMS v7.5 has an arbitrary file upload vulnerability in the LoadInMod function in e/class/moddofun.php, exploitable by logged-in users. network low complexity phome CWE-434	8.8
2018-09-02	CVE-2018-16339	Cross-Site Request Forgery (CSRF) vulnerability in Phome Empirecms 7.0 An issue was discovered in EmpireCMS 7.0. network low complexity phome CWE-352	8.8
2018-02-12	CVE-2018-6881	Information Exposure vulnerability in multiple products EmpireCMS 6.6 allows remote attackers to discover the full path via an array value for a parameter to admin/tool/ShowPic.php. network low complexity phome dedecms CWE-200	5.3
2018-02-12	CVE-2018-6880	Exposure of Resource to Wrong Sphere vulnerability in Phome Empirecms 6.6/7.0/7.2 EmpireCMS 6.6 through 7.2 allows remote attackers to discover the full path via an array value for a parameter to class/connect.php. network low complexity phome CWE-668	5.3

Vulnerabilities > Phome {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Phome"}]}