Publiccms

Publiccms

48 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-40551

Exploit
  • EPSS 0.42%
  • Veröffentlicht 12.07.2024 16:15:05
  • Zuletzt bearbeitet 21.11.2024 09:31:18

An arbitrary file upload vulnerability in the component /admin/cmsTemplate/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.

8.8

CVE-2024-40550

Exploit
  • EPSS 0.99%
  • Veröffentlicht 12.07.2024 16:15:05
  • Zuletzt bearbeitet 21.11.2024 09:31:18

An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of Public CMS v.4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.

8.8

CVE-2024-40549

Exploit
  • EPSS 0.67%
  • Veröffentlicht 12.07.2024 16:15:05
  • Zuletzt bearbeitet 25.03.2025 17:15:58

An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlace of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.

8.8

CVE-2024-40548

Exploit
  • EPSS 0.67%
  • Veröffentlicht 12.07.2024 16:15:05
  • Zuletzt bearbeitet 21.11.2024 09:31:18

An arbitrary file upload vulnerability in the component /admin/cmsTemplate/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.

8.8

CVE-2024-40546

Exploit
  • EPSS 0.72%
  • Veröffentlicht 12.07.2024 16:15:05
  • Zuletzt bearbeitet 21.11.2024 09:31:17

An arbitrary file upload vulnerability in the component /admin/cmsWebFile/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.

8.8

CVE-2024-40545

Exploit
  • EPSS 0.66%
  • Veröffentlicht 12.07.2024 16:15:05
  • Zuletzt bearbeitet 21.11.2024 09:31:17

An arbitrary file upload vulnerability in the component /admin/cmsWebFile/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.

8.8

CVE-2024-40544

Exploit
  • EPSS 0.46%
  • Veröffentlicht 12.07.2024 16:15:05
  • Zuletzt bearbeitet 26.03.2025 16:15:20

PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the component /admin/#maintenance_sysTask/edit.

8.8

CVE-2024-40543

Exploit
  • EPSS 0.3%
  • Veröffentlicht 12.07.2024 16:15:05
  • Zuletzt bearbeitet 21.11.2024 09:31:17

PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the component /admin/ueditor?action=catchimage.

8.8

CVE-2024-31759

Exploit
  • EPSS 0.88%
  • Veröffentlicht 16.04.2024 23:15:09
  • Zuletzt bearbeitet 12.06.2025 23:43:02

An issue in sanluan PublicCMS v.4.0.202302.e allows an attacker to escalate privileges via the change password function.

6.9

CVE-2024-2911

  • EPSS 0.32%
  • Veröffentlicht 26.03.2024 22:15:07
  • Zuletzt bearbeitet 21.08.2025 17:45:20

A vulnerability, which was classified as problematic, was found in Tianjin PubliCMS 4.0.202302.e. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been...