Latest phpcms phpcms Vulnerabilities

CVE-2021-40910
Phpcms Phpcms=9.6.3
CVE-2020-22203
SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php.
Phpcms Phpcms=2008-sp4
CVE-2020-22199
SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the digg_mod parameter to digg_add.php.
Phpcms Phpcms=2007-sp6
CVE-2020-22201
phpCMS 2008 sp4 allowas remote malicious users to execute arbitrary php commands via the pagesize parameter to yp/product.php.
Phpcms Phpcms=2008-sp4
CVE-2020-22200
Directory Traversal vulnerability in phpCMS 9.1.13 via the q parameter to public_get_suggest_keyword.
Phpcms Phpcms=9.1.13
CVE-2019-10027
PHPCMS 9.6.x through 9.6.3 has XSS via the mailbox (aka E-mail) field on the personal information screen.
Phpcms Phpcms>=9.6.0<=9.6.3
CVE-2018-19127
Phpcms Phpcms=2008
CVE-2018-14940
PHPCMS 9 allows remote attackers to cause a denial of service (resource consumption) via large font_size, height, and width parameters in an api.php?op=checkcode request.
Phpcms Phpcms=9.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203