Skip to main content

Powercms

5 CVEs product

Monthly

CVE-2023-50297 MEDIUM This Month

Open redirect vulnerability in PowerCMS (6 Series, 5 Series, and 4 Series) allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Powercms
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-49117 MEDIUM This Month

PowerCMS (6 Series, 5 Series, and 4 Series) contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Powercms
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2022-33941 CRITICAL PATCH Act Now

PowerCMS XMLRPC API provided by Alfasado Inc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Powercms
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-20850 CRITICAL PATCH Act Now

PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49 and earlier, PowerCMS 3.295 and earlier, and PowerCMS 2 Series (End-of-Life, EOL) allows a remote attacker to execute an arbitrary OS. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Powercms
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2019-6020 MEDIUM This Month

Open redirect vulnerability in PowerCMS 5.12 and earlier (PowerCMS 5.x), 4.42 and earlier (PowerCMS 4.x), and 3.293 and earlier (PowerCMS 3.x) allows remote attackers to redirect users to arbitrary. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Powercms
NVD
CVSS 3.1
6.1
EPSS
0.9%
EPSS 0% CVSS 6.1
MEDIUM This Month

Open redirect vulnerability in PowerCMS (6 Series, 5 Series, and 4 Series) allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Powercms
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

PowerCMS (6 Series, 5 Series, and 4 Series) contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Powercms
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

PowerCMS XMLRPC API provided by Alfasado Inc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Powercms
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49 and earlier, PowerCMS 3.295 and earlier, and PowerCMS 2 Series (End-of-Life, EOL) allows a remote attacker to execute an arbitrary OS. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Powercms
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Open redirect vulnerability in PowerCMS 5.12 and earlier (PowerCMS 5.x), 4.42 and earlier (PowerCMS 4.x), and 3.293 and earlier (PowerCMS 3.x) allows remote attackers to redirect users to arbitrary. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Powercms
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy