Portfoliocms Project: >> Portfoliocms Security Vulnerabilities
Race condition vulnerability discovered in portfolioCMS 1.0 allows remote attackers to run arbitrary code via fileExt parameter to localhost/admin/uploads.php.
CVSS Score
8.1
EPSS Score
0.003
Published
2023-02-03
Westbrookadmin portfolioCMS v1.05 allows attackers to bypass password validation and access sensitive information via session fixation.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-01-31
An issue was discovered in portfolioCMS 1.0.5. There is CSRF to update the website settings via admin/aboutus.php.
CVSS Score
4.3
EPSS Score
0.001
Published
2018-08-25
An issue was discovered in portfolioCMS 1.0.5. There is CSRF to create new pages via admin/portfolio.php?newpage=true.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-08-25
portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-06-13
portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter.
CVSS Score
7.2
EPSS Score
0.003
Published
2018-06-11