RSS   Vulnerabilities for 'Articlecms'   RSS

2021-05-13
 
CVE-2020-20092

CWE-434
 

 
File Upload vulnerability exists in ArticleCMS 1.0 via the image upload feature at /admin by changing the Content-Type to image/jpeg and placing PHP code after the JPEG data, which could let a remote malicious user execute arbitrary PHP code.

 
 
CVE-2020-28063

CWE-434
 

 
A file upload issue exists in all versions of ArticleCMS which allows malicious users to getshell.

 
2018-11-23
 
CVE-2018-19469

CWE-79
 

 
ArticleCMS through 2017-02-19 has XSS via the /update_personal_infomation realname or email parameter.

 
2018-06-13
 
CVE-2018-12339

CWE-79
 

 
ArticleCMS through 2017-02-19 has XSS via an "add an article" action.

 


Copyright 2024, cxsecurity.com

 

Back to Top