Vulnerabilities > Wolfcms > Wolf CMS > 0.8.3

DATE CVE VULNERABILITY TITLE RISK
2022-06-09 CVE-2019-25070 Cross-site Scripting vulnerability in Wolfcms Wolf CMS
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in WolfCMS up to 0.8.3.1.
network
low complexity
wolfcms CWE-79
6.1
6.1
2017-04-14 CVE-2015-6568 Improper Input Validation vulnerability in Wolfcms Wolf CMS
Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not prevent a change of a file extension to ".php" after originally using the parameter "filename" for uploading a JPEG image.
network
low complexity
wolfcms CWE-20
6.5
6.5
2017-04-14 CVE-2015-6567 Improper Input Validation vulnerability in Wolfcms Wolf CMS
Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not validate the parameter "filename" properly.
network
low complexity
wolfcms CWE-20
6.5
6.5