Skip to main content

Portfoliocms

4 CVEs product

Monthly

CVE-2018-15849 MEDIUM This Month

An issue was discovered in portfolioCMS 1.0.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF PHP Portfoliocms
NVD GitHub
CVSS 3.0
4.3
EPSS
0.4%
CVE-2018-15848 HIGH This Week

An issue was discovered in portfolioCMS 1.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF PHP Portfoliocms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-12263 HIGH This Week

portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload PHP Portfoliocms
NVD GitHub
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-12110 HIGH POC This Week

portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Portfoliocms
NVD GitHub
CVSS 3.0
7.2
EPSS
1.1%
EPSS 0% CVSS 4.3
MEDIUM This Month

An issue was discovered in portfolioCMS 1.0.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF PHP Portfoliocms
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Week

An issue was discovered in portfolioCMS 1.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF PHP Portfoliocms
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload PHP Portfoliocms
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Portfoliocms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy