Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-50038 | 1 Textpattern | 1 Textpattern | 2024-01-04 | N/A | 8.8 HIGH |
| There is an arbitrary file upload vulnerability in the background of textpattern cms v4.8.8, which leads to the loss of server permissions. | |||||
| CVE-2023-36220 | 1 Textpattern | 1 Textpattern | 2023-08-09 | N/A | 7.2 HIGH |
| Directory Traversal vulnerability in Textpattern CMS v4.8.8 allows a remote authenticated attacker to execute arbitrary code and gain access to sensitive information via the plugin Upload function. | |||||
| CVE-2020-29458 | 1 Textpattern | 1 Textpattern | 2020-12-02 | 6.8 MEDIUM | 8.8 HIGH |
| Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem. | |||||
| CVE-2018-1000090 | 1 Textpattern | 1 Textpattern | 2018-04-13 | 7.8 HIGH | 7.5 HIGH |
| textpattern version version 4.6.2 contains a XML Injection vulnerability in Import XML feature that can result in Denial of service in context to the web server by exhausting server memory resources. This attack appear to be exploitable via Uploading a specially crafted XML file. | |||||