Doccms - Doccms CVE

Filtered by vendor Doccms Subscribe

Filtered by product Doccms

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-16192	1 Doccms	1 Doccms	2024-02-04	7.5 HIGH	9.8 CRITICAL
upload_model() in /admini/controllers/system/managemodel.php in DocCms 2016.5.17 allow remote attackers to execute arbitrary PHP code through module management files, as demonstrated by a .php file in a ZIP archive.
CVE-2018-18835	1 Doccms	1 Doccms	2024-02-04	7.5 HIGH	9.8 CRITICAL
upload_template() in system/changeskin.php in DocCms 2016.5.12 allows remote attackers to execute arbitrary PHP code via a template file.

Vulnerabilities (CVE)