Vulnerabilities > Publiccms > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-20 CVE-2023-46990 Deserialization of Untrusted Data vulnerability in Publiccms 4.0.202302.E
Deserialization of Untrusted Data in PublicCMS v.4.0.202302.e allows a remote attacker to execute arbitrary code via a crafted script to the writeReplace function.
network
low complexity
publiccms CWE-502
critical
 9.8
9.8
2023-06-15 CVE-2023-34852 Unspecified vulnerability in Publiccms
PublicCMS <=V4.0.202302 is vulnerable to Insecure Permissions.
network
low complexity
publiccms
critical
 9.8
9.8
2023-04-04 CVE-2020-20914 SQL Injection vulnerability in Publiccms 4.0
SQL Injection vulnerability found in San Luan PublicCMS v.4.0 allows a remote attacker to execute arbitrary code via the sql parameter.
network
low complexity
publiccms CWE-89
critical
 9.8
9.8
2023-04-04 CVE-2020-20915 SQL Injection vulnerability in Publiccms 4.0
SQL Injection vulnerability found in PublicCMS v.4.0 allows a remote attacker to execute arbitrary code via sql parameter of the the SysSiteAdminControl.
network
low complexity
publiccms CWE-89
critical
 9.8
9.8
2022-09-02 CVE-2021-27693 Server-Side Request Forgery (SSRF) vulnerability in Publiccms
Server-side Request Forgery (SSRF) vulnerability in PublicCMS before 4.0.202011.b via /publiccms/admin/ueditor when the action is catchimage.
network
low complexity
publiccms CWE-918
critical
 9.8
9.8
2022-02-14 CVE-2022-23389 OS Command Injection vulnerability in Publiccms 4.0
PublicCMS v4.0 was discovered to contain a remote code execution (RCE) vulnerability via the cmdarray parameter.
network
low complexity
publiccms CWE-78
critical
 9.8
9.8
2021-09-15 CVE-2021-40881 Unspecified vulnerability in Publiccms 4.0
An issue in the BAT file parameters of PublicCMS v4.0 allows attackers to execute arbitrary code.
network
low complexity
publiccms
critical
 9.8
9.8
2018-06-27 CVE-2018-12914 Unrestricted Upload of File with Dangerous Type vulnerability in Publiccms 4.0.20180210
A remote code execution issue was discovered in PublicCMS V4.0.20180210.
network
low complexity
publiccms CWE-434
critical
 9.8
9.8