Html-js - Doracms CVE

Filtered by vendor Html-js Subscribe

Filtered by product Doracms

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-49444	1 Html-js	1 Doracms	2023-12-11	N/A	5.4 MEDIUM
An arbitrary file upload vulnerability in DoraCMS v2.1.8 allow attackers to execute arbitrary code via uploading a crafted HTML or image file to the user avatar.
CVE-2018-16622	1 Html-js	1 Doracms	2018-11-02	3.5 LOW	5.4 MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in /api/content/addOne in DoraCMS v2.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) discription or (2) comments field, related to users/userAddContent.

Vulnerabilities (CVE)