Vulnerabilities > Publiccms

DATE CVE VULNERABILITY TITLE RISK
2024-11-13 CVE-2024-11175 Cross-site Scripting vulnerability in Publiccms 5.202406.D
A vulnerability was found in Public CMS 5.202406.d and classified as problematic.
network
low complexity
publiccms CWE-79
4.8
2024-11-11 CVE-2024-11070 Cross-site Scripting vulnerability in Publiccms 5.202406.D
A vulnerability, which was classified as problematic, has been found in Sanluan PublicCMS 5.202406.d.
network
low complexity
publiccms CWE-79
5.4
2024-07-12 CVE-2024-40543 Server-Side Request Forgery (SSRF) vulnerability in Publiccms
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the component /admin/ueditor?action=catchimage.
network
low complexity
publiccms CWE-918
8.8
2024-07-12 CVE-2024-40544 Server-Side Request Forgery (SSRF) vulnerability in Publiccms
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the component /admin/#maintenance_sysTask/edit.
network
low complexity
publiccms CWE-918
8.8
2024-07-12 CVE-2024-40545 Unrestricted Upload of File with Dangerous Type vulnerability in Publiccms
An arbitrary file upload vulnerability in the component /admin/cmsWebFile/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
network
low complexity
publiccms CWE-434
8.8
2024-07-12 CVE-2024-40546 Unrestricted Upload of File with Dangerous Type vulnerability in Publiccms
An arbitrary file upload vulnerability in the component /admin/cmsWebFile/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
network
low complexity
publiccms CWE-434
8.8
2024-07-12 CVE-2024-40547 Unspecified vulnerability in Publiccms
PublicCMS v4.0.202302.e was discovered to contain an arbitrary file content replacement vulnerability via the component /admin/cmsTemplate/replace.
network
low complexity
publiccms
6.5
2024-07-12 CVE-2024-40548 Unrestricted Upload of File with Dangerous Type vulnerability in Publiccms
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
network
low complexity
publiccms CWE-434
8.8
2024-07-12 CVE-2024-40549 Unrestricted Upload of File with Dangerous Type vulnerability in Publiccms
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlace of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
network
low complexity
publiccms CWE-434
8.8
2024-07-12 CVE-2024-40550 Unrestricted Upload of File with Dangerous Type vulnerability in Publiccms
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of Public CMS v.4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
network
low complexity
publiccms CWE-434
8.8