Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horizontcms project horizontcms 1.0.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-28428
File upload vulnerability in HorizontCMS prior to 1.0.0-beta.3 via uploading a .htaccess and *.hello files using the Media Files upload functionality. The original file upload vulnerability (CVE-2020-27387) was remediated by restricting the PHP extensions; however, we confirmed t...
Horizontcms Project Horizontcms 1.0.0
7.5
CVSSv3
CVE-2022-25104
HorizontCMS v1.0.0-beta.2 exists to contain an arbitrary file download vulnerability via the component /admin/file-manager/.
Horizontcms Project Horizontcms 1.0.0
8.8
CVSSv3
CVE-2020-28693
An unrestricted file upload issue in HorizontCMS 1.0.0-beta allows an authenticated remote malicious user to upload PHP code through a zip file by uploading a theme, and executing the PHP file via an HTTP GET request to /themes/<php_file_name>
Horizontcms Project Horizontcms 1.0.0
1 Github repository
8.8
CVSSv3
CVE-2020-27387
An unrestricted file upload issue in HorizontCMS up to and including 1.0.0-beta allows an authenticated remote attacker (with access to the FileManager) to upload and execute arbitrary PHP code by uploading a PHP payload, and then using the FileManager's rename function to p...
Horizontcms Project Horizontcms 1.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started