Vulnerabilities (CVE)

Filtered by vendor Popojicms Subscribe

Filtered by product Popojicms

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-50011	1 Popojicms	1 Popojicms	2023-12-19	N/A	7.2 HIGH
PopojiCMS version 2.0.1 is vulnerable to remote command execution in the Meta Social field.
CVE-2019-9549	1 Popojicms	1 Popojicms	2019-03-04	6.8 MEDIUM	8.8 HIGH
An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the po-admin/route.php?mod=user&act=addnew URI, as demonstrated by adding a level=1 account, a similar issue to CVE-2018-18935.
CVE-2018-18936	1 Popojicms	1 Popojicms	2018-12-11	6.4 MEDIUM	7.5 HIGH
An issue was discovered in PopojiCMS v2.0.1. admin_library.php allows remote attackers to delete arbitrary files via directory traversal in the po-admin/route.php?mod=library&act=delete id parameter.
CVE-2018-18935	1 Popojicms	1 Popojicms	2018-12-10	6.8 MEDIUM	8.8 HIGH
An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the po-admin/route.php?mod=component&act=addnew URI, as demonstrated by adding a level=1 account.