Vulnerabilities > Phpwcms > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-24 | CVE-2017-15872 | Cross-site Scripting vulnerability in PHPwcms 1.8.9 phpwcms 1.8.9 has XSS in include/inc_tmpl/admin.edituser.tmpl.php and include/inc_tmpl/admin.newuser.tmpl.php via the username (aka new_login) field. | 3.5 |
| 2006-05-22 | CVE-2006-2518 | Cross-Site Scripting vulnerability in PHPwcms 1.2.5Dev Cross-site scripting (XSS) vulnerability in phpwcms 1.2.5-DEV allows remote attackers to inject arbitrary web script or HTML via the BL[be_cnt_plainhtml] parameter to include/inc_tmpl/content/cnt6.inc.php. | 2.6 |
| 2006-05-22 | CVE-2006-2519 | Local File Include vulnerability in PHPwcms 1.2.5Dev Directory traversal vulnerability in include/inc_ext/spaw/spaw_control.class.php in phpwcms 1.2.5-DEV allows remote attackers to include arbitrary local files via .. | 2.6 |