Articlecms Project: >> Articlecms >> 1.0 Security Vulnerabilities
File Upload vulnerability exists in ArticleCMS 1.0 via the image upload feature at /admin by changing the Content-Type to image/jpeg and placing PHP code after the JPEG data, which could let a remote malicious user execute arbitrary PHP code.
CVSS Score
9.8
EPSS Score
0.004
Published
2021-05-13
ArticleCMS through 2017-02-19 has XSS via the /update_personal_infomation realname or email parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-11-23
ArticleCMS through 2017-02-19 has XSS via an "add an article" action.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-06-13