Vulnerabilities > Publiccms > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-07-12 CVE-2024-40547 Unspecified vulnerability in Publiccms
PublicCMS v4.0.202302.e was discovered to contain an arbitrary file content replacement vulnerability via the component /admin/cmsTemplate/replace.
network
low complexity
publiccms
6.5
6.5
2024-01-10 CVE-2023-51252 Cross-site Scripting vulnerability in Publiccms 4.0
PublicCMS 4.0 is vulnerable to Cross Site Scripting (XSS).
network
low complexity
publiccms CWE-79
5.4
5.4
2023-11-16 CVE-2023-48204 Server-Side Request Forgery (SSRF) vulnerability in Publiccms 4.0.202302.E
An issue in PublicCMS v.4.0.202302.e allows a remote attacker to obtain sensitive information via the appToken and Parameters parameter of the api/method/getHtml component.
network
low complexity
publiccms CWE-918
6.5
6.5
2022-11-11 CVE-2022-3950 Cross-site Scripting vulnerability in Publiccms
A vulnerability, which was classified as problematic, was found in sanluan PublicCMS.
network
low complexity
publiccms CWE-79
6.1
6.1
2022-06-03 CVE-2022-29784 Unspecified vulnerability in Publiccms
PublicCMS V4.0.202204.a and below contains an information leak via the component /views/directive/sys/SysConfigDataDirective.java.
network
low complexity
publiccms
5.3
5.3
2018-09-23 CVE-2018-17368 Unspecified vulnerability in Publiccms 4.0.180825
An issue was discovered in PublicCMS V4.0.180825.
network
low complexity
publiccms
5.0
5.0
2018-06-15 CVE-2018-12494 Path Traversal vulnerability in Publiccms 4.0.20180210
An issue was discovered in PublicCMS V4.0.20180210.
network
low complexity
publiccms CWE-22
4.0
4.0
2018-06-15 CVE-2018-12493 Path Traversal vulnerability in Publiccms 4.0.20180210
An issue was discovered in PublicCMS V4.0.20180210.
network
low complexity
publiccms CWE-22
4.0
4.0
2018-05-26 CVE-2018-11500 Cross-Site Request Forgery (CSRF) vulnerability in Publiccms 4.0.20180210
An issue was discovered in PublicCMS V4.0.20180210.
network
publiccms CWE-352
6.8
6.8