Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-19329 | 1 Greencms | 1 Greencms | 2024-02-28 | 5.5 MEDIUM | 4.9 MEDIUM |
| GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button. | |||||
| CVE-2018-19376 | 1 Greencms | 1 Greencms | 2024-02-28 | 5.8 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to delete a log file via the index.php?m=admin&c=data&a=clear URI. | |||||
| CVE-2018-12988 | 1 Greencms | 1 Greencms | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| GreenCMS 2.3.0603 has an arbitrary file download vulnerability via an index.php?m=admin&c=media&a=downfile URI. | |||||