Wellcms: Security Vulnerabilities
Wellcms 2.2.0 is vulnerable to Cross Site Request Forgery (CSRF).
CVSS Score
8.8
EPSS Score
0.001
Published
2022-08-19
WellCMS 2.0 beta3 is vulnerable to File Upload. A user can log in to the CMS background and upload a picture. Because the upload file type is controllable, the user can modify the upload file type to get webshell.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-06-03