Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-15849 | 1 Portfoliocms Project | 1 Portfoliocms | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
An issue was discovered in portfolioCMS 1.0.5. There is CSRF to update the website settings via admin/aboutus.php. | |||||
CVE-2018-15848 | 1 Portfoliocms Project | 1 Portfoliocms | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in portfolioCMS 1.0.5. There is CSRF to create new pages via admin/portfolio.php?newpage=true. | |||||
CVE-2018-12263 | 1 Portfoliocms Project | 1 Portfoliocms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI. | |||||
CVE-2018-12110 | 1 Portfoliocms Project | 1 Portfoliocms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter. |