CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

19 Jul 2018 — libs\classes\attachment.class.php in PHPCMS 9.6.0 allows remote attackers to upload and execute arbitrary PHP code via a .txt?.php#.jpg URI in the SRC attribute of an IMG element within info[content] JSON data to the index.php?m=member&c=index&a=register URI. • http://www.an-sheng.cc/index.php/archives/4 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 4

25 Jan 2011 — SQL injection vulnerability in include/admin/model_field.class.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the modelid parameter to flash_upload.php. • https://www.exploit-db.com/exploits/16019 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 4

25 Jan 2011 — SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the where_time parameter in a get action. • https://www.exploit-db.com/exploits/16019 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.8 • EPSS: 5% • CPEs: 1 • EXPL: 2

31 Jan 2008 — Directory traversal vulnerability in parser/include/class.cache_phpcms.php in phpCMS 1.2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to parser/parser.php, as demonstrated by a filename ending with %00.gif, a different vector than CVE-2005-1840. • https://www.exploit-db.com/exploits/5006 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.8 • EPSS: 3% • CPEs: 1 • EXPL: 10

15 Jun 2006 — Multiple PHP remote file inclusion vulnerabilities in phpCMS 1.2.1pl2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPCMS_INCLUDEPATH parameter to files in parser/include/ including (1) class.parser_phpcms.php, (2) class.session_phpcms.php, (3) class.edit_phpcms.php, (4) class.http_indexer_phpcms.php, (5) class.cache_phpcms.php, (6) class.search_phpcms.php, (7) class.lib_indexer_universal_phpcms.php, and (8) class.layout_phpcms.php, (9) parser/plugs/counter.php, and (10) parser/pars... • https://www.exploit-db.com/exploits/29349 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.5 • EPSS: 1% • CPEs: 4 • EXPL: 0

02 Jun 2005 — Directory traversal vulnerability in class.layout_phpcms.php in phpCMS 1.2.x before 1.2.1pl2 allows remote attackers to read or include arbitrary files, as demonstrated using a .. (dot dot) in the language parameter to parser.php. • http://cvs.sourceforge.net/viewcvs.py/phpcms/phpcms/parser/include/class.layout_phpcms.php?rev=1.12.2.37&view=markup •

CVSS: 6.8 • EPSS: 1% • CPEs: 3 • EXPL: 1

15 Dec 2004 — Cross-site scripting (XSS) vulnerability in parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote attackers to inject arbitrary web script or HTML via the file parameter. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029499.html •

CVSS: 7.5 • EPSS: 0% • CPEs: 3 • EXPL: 0

15 Dec 2004 — parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote attackers to gain sensitive information via an invalid file parameter, which reveals the web server's installation path. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029499.html •