Skip to main content

Xiaocms

7 CVEs product

Monthly

CVE-2019-6127 HIGH POC This Week

An issue was discovered in XiaoCms 20141229. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi RCE PHP Xiaocms
NVD GitHub
CVSS 3.0
7.2
EPSS
1.5%
CVE-2018-19197 MEDIUM POC This Month

An issue was discovered in XiaoCms 20141229. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Xiaocms
NVD GitHub
CVSS 3.0
4.9
EPSS
1.4%
CVE-2018-19196 CRITICAL POC Act Now

An issue was discovered in XiaoCms 20141229. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE PHP Xiaocms
NVD GitHub
CVSS 3.0
9.8
EPSS
3.3%
CVE-2018-19195 MEDIUM POC This Month

An issue was discovered in XiaoCms 20141229. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Xiaocms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-19194 MEDIUM POC This Month

An issue was discovered in XiaoCms 20141229. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Xiaocms
NVD GitHub
CVSS 3.0
5.3
EPSS
0.9%
CVE-2018-19193 MEDIUM POC This Month

An issue was discovered in XiaoCms 20141229. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Xiaocms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-19192 HIGH POC This Week

An issue was discovered in XiaoCms 20141229. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Xiaocms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
EPSS 2% CVSS 7.2
HIGH POC This Week

An issue was discovered in XiaoCms 20141229. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi RCE PHP +1
NVD GitHub
EPSS 1% CVSS 4.9
MEDIUM POC This Month

An issue was discovered in XiaoCms 20141229. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Xiaocms
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered in XiaoCms 20141229. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE PHP +1
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

An issue was discovered in XiaoCms 20141229. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Xiaocms
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC This Month

An issue was discovered in XiaoCms 20141229. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Xiaocms
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

An issue was discovered in XiaoCms 20141229. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Xiaocms
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

An issue was discovered in XiaoCms 20141229. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Xiaocms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy