Dbhcms Project: Security Vulnerabilities
DBHcms v1.2.0 has a stored XSS vulnerability because the '$_POST['pageparam_insert_description']' variable is not passed through htmlspecialchars in dbhcms\mod\mod.page.edit.php, line 227. A remote attacker authenticated as an admin user can exploit this vulnerability to hijack other users.
CVSS Score: 4.8
EPSS Score: 0.002
Published: 2020-08-24
DBHcms v1.2.0 has an unauthorized operation vulnerability because there is no access control at line 175 of dbhcms\page.php for the empty cache operation. This vulnerability can be exploited to empty a table.
CVSS Score: 5.9
EPSS Score: 0.002
Published: 2020-08-24
DBHcms v1.2.0 has no CSRF protection mechanism, as demonstrated by CSRF against index.php?dbhcms_pid=-70, which can add a user.
CVSS Score: 8.8
EPSS Score: 0.001
Published: 2020-08-24
DBHcms v1.2.0 has an arbitrary file read vulnerability in dbhcms\mod\mod.editor.php: $_GET['file'] is the filename, and because there is no filter function for security, any file's content can be read.
CVSS Score: 4.9
EPSS Score: 0.003
Published: 2020-08-24
DBHcms v1.2.0 has a directory traversal vulnerability as there is no directory control function in directory /dbhcms/. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information.
CVSS Score: 5.3
EPSS Score: 0.006
Published: 2020-08-24

