Vulnerabilities > Phpmywind > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-20 | CVE-2020-21400 | SQL Injection vulnerability in PHPmywind 5.6 SQL injection vulnerability in gaozhifeng PHPMyWind v.5.6 allows a remote attacker to execute arbitrary code via the id variable in the modify function. | 7.2 |
| 2023-04-04 | CVE-2020-21060 | SQL Injection vulnerability in PHPmywind 5.6 SQL injection vulnerability found in PHPMyWind v.5.6 allows a remote attacker to gain privileges via the delete function of the administrator management page. | 8.8 |
| 2021-09-07 | CVE-2021-39503 | Code Injection vulnerability in PHPmywind 5.6 PHPMyWind 5.6 is vulnerable to Remote Code Execution. | 7.2 |
| 2021-08-20 | CVE-2020-18885 | Command Injection vulnerability in PHPmywind 5.6 Command Injection in PHPMyWind v5.6 allows remote attackers to execute arbitrary code via the "text color" field of the component '/admin/web_config.php'. | 7.2 |
| 2021-08-20 | CVE-2020-18886 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPmywind 5.6 Unrestricted File Upload in PHPMyWind v5.6 allows remote attackers to execute arbitrary code via the component 'admin/upload_file_do.php'. | 7.2 |
| 2018-09-17 | CVE-2018-17134 | Code Injection vulnerability in PHPmywind 5.5 admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the cfg_author field in conjunction with a crafted cfg_webpath field. | 7.2 |
| 2018-09-17 | CVE-2018-17133 | Code Injection vulnerability in PHPmywind 5.5 admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the rewrite url setting. | 7.2 |
| 2018-09-17 | CVE-2018-17132 | Code Injection vulnerability in PHPmywind 5.5 admin/goods_update.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the attrvalue[] array parameter. | 7.2 |
| 2018-09-17 | CVE-2018-17131 | Code Injection vulnerability in PHPmywind 5.5 admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the varvalue field. | 7.2 |