Known Vulnerabilities for Duxcms by Duxcms Project
Listed below are 7 of the newest known vulnerabilities associated with "Duxcms" by "Duxcms Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-3242 json | DuxCMS v3.1.3 was discovered to contain a SQL injection vulnerability via the component s/tools/SendTpl/index?keyword=. | 9.8 - CRITICAL | 2022-02-16 | 2022-02-24 |
| CVE-2020-36763 json | Cross Site Scripting (XSS) vulnerability in DuxCMS 2.1 allows remote attackers to run arbitrary code via the content, time, c... | 5.4 - MEDIUM | 2023-07-31 | 2023-08-04 |
| CVE-2020-36610 json | A vulnerability was found in annyshow DuxCMS 2.1. It has been declared as problematic. This vulnerability affects unknown cod... | 8 - HIGH | 2022-12-08 | 2023-11-07 |
| CVE-2020-36609 json | A vulnerability was found in annyshow DuxCMS 2.1. It has been classified as problematic. This affects an unknown part of the ... | 5.4 - MEDIUM | 2022-12-08 | 2023-11-07 |
| CVE-2020-21881 json | Cross Site Request Forgery (CSRF) vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application dat... | 6.5 - MEDIUM | 2023-07-31 | 2023-08-04 |
| CVE-2020-21862 json | Directory traversal vulnerability in DuxCMS 2.1 allows attackers to delete arbitrary files via /admin/AdminBackup/del. | 8.1 - HIGH | 2023-07-06 | 2023-07-12 |
| CVE-2020-21861 json | File upload vulnerability in DuxCMS 2.1 allows attackers to execute arbitrary php code via duxcms/AdminUpload/upload. | 8.8 - HIGH | 2023-07-06 | 2023-07-12 |