Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tpcms project tpcms 3.2 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2022-29624
An arbitrary file upload vulnerability in the Add File function of TPCMS v3.2 allows malicious users to execute arbitrary code via a crafted PHP file.
Tpcms Project Tpcms 3.2
3.5
CVSSv2
CVE-2022-27441
A stored cross-site scripting (XSS) vulnerability in TPCMS v3.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Phone text box.
Tpcms Project Tpcms 3.2
5
CVSSv2
CVE-2022-27442
TPCMS v3.2 allows malicious users to access the ThinkPHP log directory and obtain sensitive information such as the administrator's user name and password.
Tpcms Project Tpcms 3.2
NA
CVE-2021-36544
Incorrect Access Control issue discovered in tpcms 3.2 allows remote malicious users to view sensitive information via path in application URL.
Tpcms Project Tpcms 3.2
NA
CVE-2021-36545
Cross Site Scripting (XSS) vulnerability in tpcms 3.2 allows remote malicious users to run arbitrary code via the cfg_copyright or cfg_tel field in Site Configuration page.
Tpcms Project Tpcms 3.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started