Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cscms vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2018-11527
An issue exists in CScms v4.1. A Cross-site request forgery (CSRF) vulnerability in plugins/sys/admin/Sys.php allows remote malicious users to change the administrator's username and password via /admin.php/sys/editpass_save.
Cscms Project Cscms 4.1
383
VMScore
CVE-2018-16730
\upload\plugins\sys\Install.php in CScms 4.1 has XSS via the site name.
Chshcms Cscms 4.1
668
VMScore
CVE-2018-16731
CScms 4.1 allows arbitrary file upload by (for example) adding the php extension to the default filetype list (gif, jpg, png), and then providing a .php pathname within fileurl JSON data.
Chshcms Cscms 4.1
605
VMScore
CVE-2018-16732
\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via admin.php/setting/ftp_save.
Chshcms Cscms 4.1
668
VMScore
CVE-2020-22848
A remote code execution (RCE) vulnerability in the \Playsong.php component of cscms v4.1 allows malicious users to execute arbitrary commands.
Chshcms Cscms 4.1
578
VMScore
CVE-2022-27368
Cscms Music Portal System v4.2 exists to contain a SQL injection vulnerability via the component dance_Lists.php_zhuan.
Chshcms Cscms 4.2
436
VMScore
CVE-2022-27090
Cscms Music Portal System v4.2 exists to contain a redirection vulnerability via the backurl parameter.
Chshcms Cscms 4.2
605
VMScore
CVE-2018-16448
Cscms 4 allows CSRF for creating a member via upload/admin.php/user/save, authenticating vip members via upload/admin.php/user/init/tid and upload/admin.php/user/init/rzid, and creating a super administrator and web editor via upload/admin.php/sys/save.
Chshcms Cscms 4.0
383
VMScore
CVE-2018-16337
An issue exists in Cscms V4.1.8. There is a CSRF vulnerability that can modify a website's basic configuration via upload/admin.php/setting/save.
Chshcms Cscms 4.1.8
570
VMScore
CVE-2018-17125
CScms 4.1 allows arbitrary directory deletion via a dir=..\\ substring to plugins\sys\admin\Plugins.php.
Chshcms Cscms 4.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »