Doracms
Monthly
DoraCMS 3.0.x contains a path traversal vulnerability in the createFileBypath function that allows authenticated attackers to read, write, or delete arbitrary files on the server. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor.
DoraCMS 3.0.x Email API endpoint /api/v1/mail/send contains an authentication bypass vulnerability that allows unauthenticated remote attackers to send emails and potentially access sensitive functionality. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification. The flaw carries a CVSS score of 7.3 with moderate confidentiality, integrity, and availability impact.
Cross Site Scripting vulnerability in DOraCMS v.2.18 and before allows a remote attacker to execute arbitrary code via the markdown0 function in the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An arbitrary file upload vulnerability in DoraCMS v2.1.8 allow attackers to execute arbitrary code via uploading a crafted HTML or image file to the user avatar. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
DoraCMS v2.1.8 was discovered to re-use the same code for verification of valid usernames and passwords. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
DoraCMS v2.18 and earlier allows attackers to bypass login authentication via a crafted HTTP request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A stored cross-site scripting (XSS) vulnerability in the component /admin/contenttemp of DoraCMS v2.1.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Multiple cross-site scripting (XSS) vulnerabilities in /api/content/addOne in DoraCMS v2.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) discription or (2) comments. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
DoraCMS 3.0.x contains a path traversal vulnerability in the createFileBypath function that allows authenticated attackers to read, write, or delete arbitrary files on the server. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor.
DoraCMS 3.0.x Email API endpoint /api/v1/mail/send contains an authentication bypass vulnerability that allows unauthenticated remote attackers to send emails and potentially access sensitive functionality. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification. The flaw carries a CVSS score of 7.3 with moderate confidentiality, integrity, and availability impact.
Cross Site Scripting vulnerability in DOraCMS v.2.18 and before allows a remote attacker to execute arbitrary code via the markdown0 function in the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An arbitrary file upload vulnerability in DoraCMS v2.1.8 allow attackers to execute arbitrary code via uploading a crafted HTML or image file to the user avatar. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
DoraCMS v2.1.8 was discovered to re-use the same code for verification of valid usernames and passwords. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
DoraCMS v2.18 and earlier allows attackers to bypass login authentication via a crafted HTTP request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A stored cross-site scripting (XSS) vulnerability in the component /admin/contenttemp of DoraCMS v2.1.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Multiple cross-site scripting (XSS) vulnerabilities in /api/content/addOne in DoraCMS v2.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) discription or (2) comments. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.