Vulnerabilities > Popojicms

DATE CVE VULNERABILITY TITLE RISK
2023-12-14 CVE-2023-50011 Unspecified vulnerability in Popojicms 2.0.1
PopojiCMS version 2.0.1 is vulnerable to remote command execution in the Meta Social field.
network
low complexity
popojicms
7.2
2023-11-02 CVE-2023-5910 Cross-site Scripting vulnerability in Popojicms 2.0.1
A vulnerability was found in PopojiCMS 2.0.1 and classified as problematic.
network
low complexity
popojicms CWE-79
6.1
2023-01-19 CVE-2022-47766 Unrestricted Upload of File with Dangerous Type vulnerability in Popojicms 2.0.1
PopojiCMS v2.0.1 backend plugin function has a file upload vulnerability.
network
low complexity
popojicms CWE-434
8.8
2021-08-25 CVE-2020-18065 Cross-site Scripting vulnerability in Popojicms 2.0.1
Cross Site Scripting (XSS) vulnerability exists in PopojiCMS 2.0.1 in admin.php?mod=menumanager--------- edit menu.
network
low complexity
popojicms CWE-79
5.4
2021-08-25 CVE-2020-19547 Path Traversal vulnerability in Popojicms 2.0.1
Directory Traversal vulnerability exists in PopojiCMS 2.0.1 via the id parameter in admin.php.
network
low complexity
popojicms CWE-22
6.5
2021-08-25 CVE-2021-28070 Cross-Site Request Forgery (CSRF) vulnerability in Popojicms 2.0.1
Cross Site Request Forgery (CSRF) vulnerability exist in PopojiCMS 2.0.1 in po-admin/route.php?mod=user&act=multidelete.
network
low complexity
popojicms CWE-352
4.3
2021-08-06 CVE-2020-21356 Exposure of Resource to Wrong Sphere vulnerability in Popojicms 1.2
An information disclosure vulnerability in upload.php of PopojiCMS 1.2 leads to physical path disclosure of the host when 'name = "file" is deleted during file uploads.
network
low complexity
popojicms CWE-668
5.3
2021-08-06 CVE-2020-21357 Cross-site Scripting vulnerability in Popojicms 1.2
A stored cross site scripting (XSS) vulnerability in /admin.php?mod=user&act=addnew of PopojiCMS 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the E-Mail field.
network
low complexity
popojicms CWE-79
6.1
2019-11-07 CVE-2019-18816 Cross-site Scripting vulnerability in Popojicms 2.0.1
po-admin/route.php?mod=post&act=edit in PopojiCMS 2.0.1 allows post[1][content]= stored XSS.
network
low complexity
popojicms CWE-79
6.1
2019-11-07 CVE-2019-18815 Open Redirect vulnerability in Popojicms 2.0.1
PopojiCMS 2.0.1 allows refer= Open Redirection.
network
low complexity
popojicms CWE-601
6.1