Skip to main content

Nc Cms

4 CVEs product

Monthly

CVE-2019-7721 HIGH POC This Week

lib/NCCms.class.php in nc-cms 3.5 allows upload of .php files via the index.php?action=save name and editordata parameters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Nc Cms
NVD GitHub
CVSS 3.0
7.5
EPSS
1.2%
CVE-2018-18874 CRITICAL POC Act Now

nc-cms through 2017-03-10 allows remote attackers to execute arbitrary PHP code via the "Upload File or Image" feature, with a .php filename and "Content-Type: application/octet-stream" to the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Nc Cms
NVD GitHub
CVSS 3.0
9.8
EPSS
2.1%
CVE-2018-18361 MEDIUM This Month

An issue was discovered in nc-cms through 2017-03-10. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Nc Cms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-18290 MEDIUM This Month

An issue was discovered in nc-cms through 2017-03-10. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS PHP Nc Cms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
EPSS 1% CVSS 7.5
HIGH POC This Week

lib/NCCms.class.php in nc-cms 3.5 allows upload of .php files via the index.php?action=save name and editordata parameters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Nc Cms
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

nc-cms through 2017-03-10 allows remote attackers to execute arbitrary PHP code via the "Upload File or Image" feature, with a .php filename and "Content-Type: application/octet-stream" to the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Nc Cms
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM This Month

An issue was discovered in nc-cms through 2017-03-10. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Nc Cms
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM This Month

An issue was discovered in nc-cms through 2017-03-10. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS PHP Nc Cms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy