Vulnerabilities > Wondercms > Wondercms > 0.3.3

DATE CVE VULNERABILITY TITLE RISK
2019-09-12 CVE-2019-5956 Path Traversal vulnerability in Wondercms
Directory traversal vulnerability in WonderCMS 2.6.0 and earlier allows remote attackers to delete arbitrary files via unspecified vectors.
network
low complexity
wondercms CWE-22
6.5
6.5
2018-07-18 CVE-2018-14387 Session Fixation vulnerability in Wondercms
An issue was discovered in WonderCMS before 2.5.2.
network
low complexity
wondercms CWE-384
8.8
8.8
2018-02-27 CVE-2018-7172 Path Traversal vulnerability in Wondercms
In index.php in WonderCMS before 2.4.1, remote attackers can delete arbitrary files via directory traversal.
network
low complexity
wondercms CWE-22
4.9
4.9
2017-04-21 CVE-2017-7951 Cross-Site Request Forgery (CSRF) vulnerability in Wondercms
WonderCMS before 2.0.3 has CSRF because of lack of a token in an unspecified context.
network
low complexity
wondercms CWE-352
8.8
8.8