Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wtcms project wtcms 1.0 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-20343
WTCMS 1.0 contains a cross-site request forgery (CSRF) vulnerability in the index.php?g=admin&m=nav&a=add_post component that allows malicious users to arbitrarily add articles in the administrator background.
Wtcms Project Wtcms 1.0
5.4
CVSSv3
CVE-2020-20345
WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the page management background which allows malicious users to obtain cookies via a crafted payload entered into the search box.
Wtcms Project Wtcms 1.0
5.4
CVSSv3
CVE-2020-20347
WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the source field under the article management module.
Wtcms Project Wtcms 1.0
5.4
CVSSv3
CVE-2020-20349
WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link address field under the background links module.
Wtcms Project Wtcms 1.0
8.8
CVSSv3
CVE-2018-10267
WTCMS 1.0 has a CSRF vulnerability to add an administrator account via the index.php?admin&m=user&a=add_post URI.
Wtcms Project Wtcms 1.0
5.4
CVSSv3
CVE-2020-20344
WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the keyword search function under the background articles module.
Wtcms Project Wtcms 1.0
5.4
CVSSv3
CVE-2020-20348
WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability in the link field under the background menu management module.
Wtcms Project Wtcms 1.0
9.8
CVSSv3
CVE-2019-8908
An issue exists in WTCMS 1.0. It allows remote malicious users to execute arbitrary PHP code by going to the "Setting -> Mailbox configuration -> Registration email template" screen, and uploading an image file, as demonstrated by a .php filename and the "Con...
Wtcms Project Wtcms 1.0
1 Github repository
7.5
CVSSv3
CVE-2019-8909
An issue exists in WTCMS 1.0. It allows remote malicious users to cause a denial of service (resource consumption) via crafted dimensions for the verification code image.
Wtcms Project Wtcms 1.0
8.8
CVSSv3
CVE-2019-8910
An issue exists in WTCMS 1.0. It allows index.php?g=admin&m=setting&a=site_post CSRF.
Wtcms Project Wtcms 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »