Vulnerabilities > Popojicms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-14 | CVE-2023-50011 | Unspecified vulnerability in Popojicms 2.0.1 PopojiCMS version 2.0.1 is vulnerable to remote command execution in the Meta Social field. | 7.2 |
| 2023-11-02 | CVE-2023-5910 | Cross-site Scripting vulnerability in Popojicms 2.0.1 A vulnerability was found in PopojiCMS 2.0.1 and classified as problematic. | 6.1 |
| 2023-01-19 | CVE-2022-47766 | Unrestricted Upload of File with Dangerous Type vulnerability in Popojicms 2.0.1 PopojiCMS v2.0.1 backend plugin function has a file upload vulnerability. | 8.8 |
| 2021-08-25 | CVE-2020-18065 | Cross-site Scripting vulnerability in Popojicms 2.0.1 Cross Site Scripting (XSS) vulnerability exists in PopojiCMS 2.0.1 in admin.php?mod=menumanager--------- edit menu. | 5.4 |
| 2021-08-25 | CVE-2020-19547 | Path Traversal vulnerability in Popojicms 2.0.1 Directory Traversal vulnerability exists in PopojiCMS 2.0.1 via the id parameter in admin.php. | 6.5 |
| 2021-08-25 | CVE-2021-28070 | Cross-Site Request Forgery (CSRF) vulnerability in Popojicms 2.0.1 Cross Site Request Forgery (CSRF) vulnerability exist in PopojiCMS 2.0.1 in po-admin/route.php?mod=user&act=multidelete. | 4.3 |
| 2021-08-06 | CVE-2020-21356 | Exposure of Resource to Wrong Sphere vulnerability in Popojicms 1.2 An information disclosure vulnerability in upload.php of PopojiCMS 1.2 leads to physical path disclosure of the host when 'name = "file" is deleted during file uploads. | 5.3 |
| 2021-08-06 | CVE-2020-21357 | Cross-site Scripting vulnerability in Popojicms 1.2 A stored cross site scripting (XSS) vulnerability in /admin.php?mod=user&act=addnew of PopojiCMS 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the E-Mail field. | 6.1 |
| 2019-11-07 | CVE-2019-18816 | Cross-site Scripting vulnerability in Popojicms 2.0.1 po-admin/route.php?mod=post&act=edit in PopojiCMS 2.0.1 allows post[1][content]= stored XSS. | 6.1 |
| 2019-11-07 | CVE-2019-18815 | Open Redirect vulnerability in Popojicms 2.0.1 PopojiCMS 2.0.1 allows refer= Open Redirection. | 6.1 |