RSS   Vulnerabilities for 'Powercms'   RSS

2021-11-24
 
CVE-2021-20850

CWE-78
 

 
PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49 and earlier, PowerCMS 3.295 and earlier, and PowerCMS 2 Series (End-of-Life, EOL) allows a remote attacker to execute an arbitrary OS command via unspecified vectors.

 
2019-12-26
 
CVE-2019-6020

CWE-601
 

 
Open redirect vulnerability in PowerCMS 5.12 and earlier (PowerCMS 5.x), 4.42 and earlier (PowerCMS 4.x), and 3.293 and earlier (PowerCMS 3.x) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL.

 


Copyright 2024, cxsecurity.com

 

Back to Top