Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horizontcms project horizontcms 1.0.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-28428
File upload vulnerability in HorizontCMS prior to 1.0.0-beta.3 via uploading a .htaccess and *.hello files using the Media Files upload functionality. The original file upload vulnerability (CVE-2020-27387) was remediated by restricting the PHP extensions; however, we confirmed t...
Horizontcms Project Horizontcms 1.0.0
5
CVSSv2
CVE-2022-25104
HorizontCMS v1.0.0-beta.2 exists to contain an arbitrary file download vulnerability via the component /admin/file-manager/.
Horizontcms Project Horizontcms 1.0.0
9
CVSSv2
CVE-2020-28693
An unrestricted file upload issue in HorizontCMS 1.0.0-beta allows an authenticated remote malicious user to upload PHP code through a zip file by uploading a theme, and executing the PHP file via an HTTP GET request to /themes/<php_file_name>
Horizontcms Project Horizontcms 1.0.0
1 Github repository
6.5
CVSSv2
CVE-2020-27387
An unrestricted file upload issue in HorizontCMS up to and including 1.0.0-beta allows an authenticated remote attacker (with access to the FileManager) to upload and execute arbitrary PHP code by uploading a PHP payload, and then using the FileManager's rename function to p...
Horizontcms Project Horizontcms 1.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started