Vulnerabilities > Portfoliocms Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-03 | CVE-2021-36532 | Race Condition vulnerability in Portfoliocms Project Portfoliocms 1.0.0 Race condition vulnerability discovered in portfolioCMS 1.0 allows remote attackers to run arbitrary code via fileExt parameter to localhost/admin/uploads.php. | 8.1 |
2023-01-31 | CVE-2020-20402 | Improper Authentication vulnerability in Portfoliocms Project Portfoliocms 1.0.5 Westbrookadmin portfolioCMS v1.05 allows attackers to bypass password validation and access sensitive information via session fixation. | 7.5 |
2018-08-25 | CVE-2018-15849 | Cross-Site Request Forgery (CSRF) vulnerability in Portfoliocms Project Portfoliocms 1.0.5 An issue was discovered in portfolioCMS 1.0.5. | 4.3 |
2018-08-25 | CVE-2018-15848 | Cross-Site Request Forgery (CSRF) vulnerability in Portfoliocms Project Portfoliocms 1.0.5 An issue was discovered in portfolioCMS 1.0.5. | 8.8 |
2018-06-13 | CVE-2018-12263 | Unrestricted Upload of File with Dangerous Type vulnerability in Portfoliocms Project Portfoliocms 1.0.5 portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI. | 8.8 |
2018-06-11 | CVE-2018-12110 | SQL Injection vulnerability in Portfoliocms Project Portfoliocms 1.0.5 portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter. | 7.2 |