Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phome empirecms vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-16339
An issue exists in EmpireCMS 7.0. There is a CSRF vulnerability that can add administrators via upload/e/admin/user/AddUser.php?enews=AddUser.
Phome Empirecms 7.0
6.8
CVSSv2
CVE-2018-18449
EmpireCMS 7.5 allows CSRF for adding a user account via an enews=AddUser action to e/admin/user/ListUser.php, a similar issue to CVE-2018-16339.
Phome Empirecms 7.5
7.5
CVSSv2
CVE-2018-18869
EmpireCMS V7.5 allows remote malicious users to upload and execute arbitrary code via ..%2F directory traversal in a .php filename in the upload/e/admin/ecmscom.php path parameter.
Phome Empirecms 7.5
7.5
CVSSv2
CVE-2020-22937
A remote code execution (RCE) in e/install/index.php of EmpireCMS 7.5 allows malicious users to execute arbitrary PHP code via writing malicious code to the install file.
Phome Empirecms 7.5
6.5
CVSSv2
CVE-2018-18086
EmpireCMS v7.5 has an arbitrary file upload vulnerability in the LoadInMod function in e/class/moddofun.php, exploitable by logged-in users.
Phome Empirecms 7.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2