Douco: Douphp Security Vulnerabilities

Cross Site Scripting vulnerability in DouPHP v.1.8 Release 20231203 allows attackers to execute arbitrary code via a crafted payload injected into the description parameter in /admin/article.php
CVSS Score: 4.8 | EPSS Score: 0.0 | Published: 2025-02-06

A vulnerability, which was classified as critical, has been found in DouPHP 1.7 Release 20220822. Affected by this issue is some unknown functionality of the file /admin/system.php of the component Favicon Handler. The manipulation of the argument site_favicon leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score: 4.7 | EPSS Score: 0.003 | Published: 2024-08-18

A cross-site scripting (XSS) vulnerability in the /admin/article_category.php component of DouPHP v1.7 20221118 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the description parameter.
CVSS Score: 5.4 | EPSS Score: 0.001 | Published: 2023-01-13

DouPHP v1.6 Release 20220121 is affected by Cross Site Scripting (XSS) through /admin/login.php in the background, which will lead to JavaScript code execution.
CVSS Score: 6.1 | EPSS Score: 0.004 | Published: 2022-03-30

A stored cross-site scripting (XSS) vulnerability in the upload function of /admin/show.php allows attackers to execute arbitrary web scripts or HTML via a crafted image file.
CVSS Score: 4.8 | EPSS Score: 0.006 | Published: 2022-03-25

DouPHP v1.6 was discovered to contain a cross-site scripting (XSS) vulnerability via /admin/cloud.php.
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2021-12-08

In DouCo DouPHP v1.5 Release 20190516, remote attackers can view the database backup file via a brute-force guessing approach for data/backup/DyyyymmddThhmmss.sql filenames.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2019-06-03

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/page.php?rec=edit has XSS via the page_name parameter.
CVSS Score: 4.8 | EPSS Score: 0.002 | Published: 2018-12-28

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/system.php?rec=update has XSS via the site_name parameter.
CVSS Score: 4.8 | EPSS Score: 0.002 | Published: 2018-12-28

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/product.php?rec=update has XSS via the name parameter.
CVSS Score: 4.8 | EPSS Score: 0.002 | Published: 2018-12-28

