Vulnerabilities (CVE)

Filtered by vendor Wcms Subscribe

Filtered by product Wcms

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-24135	1 Wcms	1 Wcms	2021-04-15	4.3 MEDIUM	6.1 MEDIUM
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Wcms 0.3.2, which allows remote attackers to inject arbitrary web script and HTML via the type parameter to wex/cssjs.php.
CVE-2020-24138	1 Wcms	1 Wcms	2021-04-15	4.3 MEDIUM	6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability in wcms 0.3.2 allows remote attackers to inject arbitrary web script and HTML via the pagename parameter to wex/html.php.
CVE-2020-24137	1 Wcms	1 Wcms	2021-04-13	5.0 MEDIUM	5.3 MEDIUM
Directory traversal vulnerability in Wcms 0.3.2 allows an attacker to read arbitrary files on the server that is running an application via the path parameter to wex/cssjs.php.