RSS   Vulnerabilities for 'Composr'   RSS

2022-02-09
 
CVE-2021-46360

CWE-434
 

 
Authenticated remote code execution (RCE) in Composr-CMS 10.0.39 and earlier allows remote attackers to execute arbitrary code via uploading a PHP shell through /adminzone/index.php?page=admin-commandr.

 
2021-04-06
 
CVE-2021-30150

CWE-79
 

 
Composr 10.0.36 allows XSS in an XML script.

 
 
CVE-2021-30149

CWE-434
 

 
Composr 10.0.36 allows upload and execution of PHP files.

 
2020-05-22
 
CVE-2020-8789

CWE-79
 

 
Composr 10.0.30 allows Persistent XSS via a Usergroup name under the Security configuration.

 


Copyright 2024, cxsecurity.com

 

Back to Top