Rgcms Project: Security Vulnerabilities
An arbitrary file write vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted PHP file.
CVSS Score
7.2
EPSS Score
0.01
Published
2021-09-15
An arbitrary file upload vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted .txt file which is later changed to a PHP file.
CVSS Score
7.2
EPSS Score
0.01
Published
2021-09-15
A cross-site scripting (XSS) vulnerability in RGCMS v1.06 allows attackers to obtain the administrator's cookie via a crafted payload in the Name field under the Message Board module
CVSS Score
5.4
EPSS Score
0.002
Published
2021-09-15