Vulnerabilities > Popojicms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-02 | CVE-2023-5910 | Cross-site Scripting vulnerability in Popojicms 2.0.1 A vulnerability was found in PopojiCMS 2.0.1 and classified as problematic. | 6.1 |
| 2021-08-25 | CVE-2020-19547 | Path Traversal vulnerability in Popojicms 2.0.1 Directory Traversal vulnerability exists in PopojiCMS 2.0.1 via the id parameter in admin.php. | 4.0 |
| 2021-08-25 | CVE-2021-28070 | Cross-Site Request Forgery (CSRF) vulnerability in Popojicms 2.0.1 Cross Site Request Forgery (CSRF) vulnerability exist in PopojiCMS 2.0.1 in po-admin/route.php?mod=user&act=multidelete. | 4.3 |
| 2021-08-06 | CVE-2020-21356 | Exposure of Resource to Wrong Sphere vulnerability in Popojicms 1.2 An information disclosure vulnerability in upload.php of PopojiCMS 1.2 leads to physical path disclosure of the host when 'name = "file" is deleted during file uploads. | 5.0 |
| 2021-08-06 | CVE-2020-21357 | Cross-site Scripting vulnerability in Popojicms 1.2 A stored cross site scripting (XSS) vulnerability in /admin.php?mod=user&act=addnew of PopojiCMS 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the E-Mail field. | 4.3 |
| 2019-11-07 | CVE-2019-18816 | Cross-site Scripting vulnerability in Popojicms 2.0.1 po-admin/route.php?mod=post&act=edit in PopojiCMS 2.0.1 allows post[1][content]= stored XSS. | 4.3 |
| 2019-11-07 | CVE-2019-18815 | Open Redirect vulnerability in Popojicms 2.0.1 PopojiCMS 2.0.1 allows refer= Open Redirection. | 5.8 |
| 2019-03-03 | CVE-2019-9549 | Cross-Site Request Forgery (CSRF) vulnerability in Popojicms 2.0.1 An issue was discovered in PopojiCMS v2.0.1. | 6.8 |
| 2018-11-05 | CVE-2018-18936 | Path Traversal vulnerability in Popojicms 2.0.1 An issue was discovered in PopojiCMS v2.0.1. | 6.4 |
| 2018-11-05 | CVE-2018-18935 | Cross-Site Request Forgery (CSRF) vulnerability in Popojicms 2.0.1 An issue was discovered in PopojiCMS v2.0.1. | 6.8 |