Filtered by vendor Publiccms
Subscribe
Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-46990 | 1 Publiccms | 1 Publiccms | 2023-11-28 | N/A | 9.8 CRITICAL |
| Deserialization of Untrusted Data in PublicCMS v.4.0.202302.e allows a remote attacker to execute arbitrary code via a crafted script to the writeReplace function. | |||||
| CVE-2022-23389 | 1 Publiccms | 1 Publiccms | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| PublicCMS v4.0 was discovered to contain a remote code execution (RCE) vulnerability via the cmdarray parameter. | |||||
| CVE-2021-40881 | 1 Publiccms | 1 Publiccms | 2021-09-28 | 7.5 HIGH | 9.8 CRITICAL |
| An issue in the BAT file parameters of PublicCMS v4.0 allows attackers to execute arbitrary code. | |||||
| CVE-2018-12914 | 1 Publiccms | 1 Publiccms | 2018-08-20 | 7.5 HIGH | 9.8 CRITICAL |
| A remote code execution issue was discovered in PublicCMS V4.0.20180210. An attacker can upload a ZIP archive that contains a .jsp file with a directory traversal pathname. After an unzip operation, the attacker can execute arbitrary code by visiting a .jsp URI. | |||||