Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-19268 | 1 Dswjcms Project | 1 Dswjcms | 2024-02-28 | 3.5 LOW | 5.7 MEDIUM |
A cross-site request forgery (CSRF) in index.php/Dswjcms/User/tfAdd of Dswjcms 1.6.4 allows authenticated attackers to arbitrarily add administrator users. | |||||
CVE-2020-19267 | 1 Dswjcms Project | 1 Dswjcms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An issue in index.php/Dswjcms/Basis/resources of Dswjcms 1.6.4 allows attackers to execute arbitrary code via uploading a crafted PHP file. | |||||
CVE-2020-19266 | 1 Dswjcms Project | 1 Dswjcms | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Site/articleList component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML. | |||||
CVE-2020-19265 | 1 Dswjcms Project | 1 Dswjcms | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Basis/links component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML. |