Skip to main content

Ilch Cms

4 CVEs product

Monthly

CVE-2021-27352 MEDIUM POC This Month

An open redirect vulnerability in Ilch CMS version 2.1.42 allows attackers to redirect users to an attacker's site after a successful login. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Open Redirect Ilch Cms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.8%
CVE-2019-17046 HIGH POC This Week

Ilch 2.1.22 allows remote code execution because php is listed under "Allowed files" on the index.php/admin/media/settings/index page. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload RCE Ilch Cms
NVD
CVSS 3.1
7.2
EPSS
4.4%
CVE-2019-17045 MEDIUM POC This Month

Ilch 2.1.22 allows stored XSS via the title, text, or email id to the Jobs Tab. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ilch Cms
NVD
CVSS 3.1
4.8
EPSS
0.7%
CVE-2014-1944 MEDIUM POC PATCH This Month

Cross-site scripting (XSS) vulnerability in Ilch CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the text parameter to index.php/guestbook/index/newentry. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS PHP Ilch Cms
NVD Exploit-DB GitHub VulDB
CVSS 2.0
4.3
EPSS
4.5%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

An open redirect vulnerability in Ilch CMS version 2.1.42 allows attackers to redirect users to an attacker's site after a successful login. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Open Redirect Ilch Cms
NVD GitHub
EPSS 4% CVSS 7.2
HIGH POC This Week

Ilch 2.1.22 allows remote code execution because php is listed under "Allowed files" on the index.php/admin/media/settings/index page. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload RCE +1
NVD
EPSS 1% CVSS 4.8
MEDIUM POC This Month

Ilch 2.1.22 allows stored XSS via the title, text, or email id to the Jobs Tab. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ilch Cms
NVD
EPSS 5% CVSS 4.3
MEDIUM POC PATCH This Month

Cross-site scripting (XSS) vulnerability in Ilch CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the text parameter to index.php/guestbook/index/newentry. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS PHP Ilch Cms
NVD Exploit-DB GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy