CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Wcms: >> Wcms Security Vulnerabilities

CVE-2019-14240

WCMS v0.3.2 has a CSRF vulnerability, with resultant directory traversal, to modify index.html via the /wex/html.php?finish=../index.html URI.

CVSS Score

8.1

EPSS Score

0.003

Published

2019-07-23

CVE-2019-11377

wcms/wex/finder/action.php in WCMS v0.3.2 has a Arbitrary File Upload Vulnerability via developer/finder because .php is a valid extension according to the fm_get_text_exts function.

CVSS Score

8.8

EPSS Score

0.004

Published

2019-04-20

Page 2

Vulnerabilities

Vulnerable Software

Wcms: >> Wcms Security Vulnerabilities

Products

Pricing

Contact Us