Vulnerabilities > Phpwcms > Phpwcms > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-03 | CVE-2021-36426 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPwcms File Upload vulnerability in phpwcms 1.9.25 allows remote attackers to run arbitrary code via crafted file upload to include/inc_lib/general.inc.php. | 8.8 |
2007-02-15 | CVE-2006-7019 | Remote Security vulnerability in phpwcms phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to execute arbitrary code via crafted arguments to the (1) text_evento and (2) email_eventonome_evento parameters to phpwcms_code_snippets/mail_file_form.php and sample_ext_php/mail_file_form.php, which is processed by the render_PHPcode function. | 7.5 |