Skip to main content

Adminsystems Cms

2 CVEs product

Monthly

CVE-2015-1604 MEDIUM POC PATCH This Month

Unrestricted file upload vulnerability in asys/site/files.php in Adminsystems CMS before 4.0.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE PHP File Upload Adminsystems Cms
NVD GitHub
CVSS 2.0
6.5
EPSS
4.4%
CVE-2015-1603 MEDIUM POC PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in Adminsystems CMS before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to index.php or (2) id. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS PHP Adminsystems Cms
NVD GitHub
CVSS 2.0
4.3
EPSS
0.7%
EPSS 4% CVSS 6.5
MEDIUM POC PATCH This Month

Unrestricted file upload vulnerability in asys/site/files.php in Adminsystems CMS before 4.0.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE PHP File Upload +1
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in Adminsystems CMS before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to index.php or (2) id. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS PHP Adminsystems Cms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy