Known Vulnerabilities for products from Phpcms
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Phpcms".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-40910 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2022-06-15 | 2022-06-23 |
| CVE-2020-22203 json | SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php. | 9.8 - CRITICAL | 2021-06-16 | 2021-06-21 |
| CVE-2020-22201 json | phpCMS 2008 sp4 allowas remote malicious users to execute arbitrary php commands via the pagesize parameter to yp/product.php... | 8.8 - HIGH | 2021-06-16 | 2022-09-29 |
| CVE-2020-22200 json | Directory Traversal vulnerability in phpCMS 9.1.13 via the q parameter to public_get_suggest_keyword. | 5.3 - MEDIUM | 2021-06-16 | 2021-06-17 |
| CVE-2020-22199 json | SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the digg_mod parameter to digg_add.php. | 9.8 - CRITICAL | 2021-06-16 | 2021-06-21 |
| CVE-2019-10027 json | PHPCMS 9.6.x through 9.6.3 has XSS via the mailbox (aka E-mail) field on the personal information screen. | 4.8 - MEDIUM | 2019-03-25 | 2019-03-26 |
| CVE-2018-19127 json | A code injection vulnerability in /type.php in PHPCMS 2008 allows attackers to write arbitrary content to a website cache fil... | 9.8 - CRITICAL | 2018-11-09 | 2019-02-04 |
| CVE-2018-14940 json | PHPCMS 9 allows remote attackers to cause a denial of service (resource consumption) via large font_size, height, and width p... | 7.5 - HIGH | 2018-08-05 | 2019-10-03 |
| CVE-2013-5939 json | Multiple cross-site scripting (XSS) vulnerabilities in the Guestbook module for PHPCMS allow remote attackers to inject arbit... | 4.3 - MEDIUM | 2014-05-14 | 2014-05-15 |
| CVE-2011-0645 json | SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the w... | 7.5 - HIGH | 2011-01-25 | 2017-08-17 |
| CVE-2011-0644 json | SQL injection vulnerability in include/admin/model_field.class.php in PHPCMS 2008 V2 allows remote attackers to execute arbit... | 7.5 - HIGH | 2011-01-25 | 2017-08-17 |
| CVE-2008-0513 json | Directory traversal vulnerability in parser/include/class.cache_phpcms.php in phpCMS 1.2.2 allows remote attackers to read ar... | Not Provided | 2008-01-31 | 2026-04-23 |
| CVE-2006-3019 json | Multiple PHP remote file inclusion vulnerabilities in phpCMS 1.2.1pl2 allow remote attackers to execute arbitrary PHP code vi... | 7.5 - HIGH | 2006-06-15 | 2018-10-18 |
| CVE-2005-1840 json | Directory traversal vulnerability in class.layout_phpcms.php in phpCMS 1.2.x before 1.2.1pl2 allows remote attackers to read ... | Not Provided | 2005-06-02 | 2025-04-03 |
| CVE-2004-1203 json | parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote attackers to gain sensitive i... | Not Provided | 2005-01-10 | 2025-04-03 |
| CVE-2004-1202 json | Cross-site scripting (XSS) vulnerability in parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled,... | Not Provided | 2005-01-10 | 2025-04-03 |
Known software with vulnerabilities from Phpcms
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Phpcms | Guesbook Module | - |
| Application | Phpcms | Phpcms | 2008 |