Vulnerabilities (CVE)

Filtered by vendor Articlecms Project Subscribe
Filtered by product Articlecms
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-28063 1 Articlecms Project 1 Articlecms 2024-11-21 7.5 HIGH 9.8 CRITICAL
A file upload issue exists in all versions of ArticleCMS which allows malicious users to getshell.
CVE-2020-20092 1 Articlecms Project 1 Articlecms 2024-11-21 7.5 HIGH 9.8 CRITICAL
File Upload vulnerability exists in ArticleCMS 1.0 via the image upload feature at /admin by changing the Content-Type to image/jpeg and placing PHP code after the JPEG data, which could let a remote malicious user execute arbitrary PHP code.
CVE-2018-19469 1 Articlecms Project 1 Articlecms 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
ArticleCMS through 2017-02-19 has XSS via the /update_personal_infomation realname or email parameter.
CVE-2018-12339 1 Articlecms Project 1 Articlecms 2024-11-21 3.5 LOW 5.4 MEDIUM
ArticleCMS through 2017-02-19 has XSS via an "add an article" action.