CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via application/admin/controller/Template.php:update.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-05-04
CLTPHP <=6.0 is vulnerable to Improper Input Validation.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-05-04
CLTPHP <=6.0 is vulnerable to Directory Traversal.
CVSS Score
6.5
EPSS Score
0.003
Published
2023-04-26
CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangerous Type.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-04-26
CLTPHP <=6.0 is vulnerable to Cross Site Scripting (XSS) via application/home/controller/Changyan.php.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-04-26
CLTPHP <=6.0 is vulnerable to Improper Input Validation via application/admin/controller/Template.php.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-04-26
A vulnerability was found in CLTPHP up to 6.0. It has been declared as problematic. Affected by this vulnerability is the POST Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
3.5
EPSS Score
0.002
Published
2022-03-29