Vulnerabilities > Phpcms > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-06-15 CVE-2021-40910 Cross-site Scripting vulnerability in PHPcms 9.6.3
There is a reflective cross-site scripting (XSS) vulnerability in the PHPCMS V9.6.3 management side.
network
low complexity
phpcms CWE-79
6.1
6.1
2021-06-16 CVE-2020-22200 Path Traversal vulnerability in PHPcms 9.1.13
Directory Traversal vulnerability in phpCMS 9.1.13 via the q parameter to public_get_suggest_keyword.
network
low complexity
phpcms CWE-22
5.3
5.3
2019-03-25 CVE-2019-10027 Cross-site Scripting vulnerability in PHPcms
PHPCMS 9.6.x through 9.6.3 has XSS via the mailbox (aka E-mail) field on the personal information screen.
network
low complexity
phpcms CWE-79
4.8
4.8