CVE-2024-40552
https://notcve.org/view.php?id=CVE-2024-40552
PublicCMS v4.0.202302.e was discovered to contain a remote commande execution (RCE) vulnerability via the cmdarray parameter at /site/ScriptComponent.java. • https://gitee.com/sanluan/PublicCMS/issues/IAAMMU •
CVE-2024-40549
https://notcve.org/view.php?id=CVE-2024-40549
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlace of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. • https://gitee.com/sanluan/PublicCMS/issues/IAALNE • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-40548
https://notcve.org/view.php?id=CVE-2024-40548
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. • https://gitee.com/sanluan/PublicCMS/issues/IAALCK • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-40544
https://notcve.org/view.php?id=CVE-2024-40544
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the component /admin/#maintenance_sysTask/edit. • https://gitee.com/sanluan/PublicCMS/issues/IAAIX8 • CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2024-40547
https://notcve.org/view.php?id=CVE-2024-40547
PublicCMS v4.0.202302.e was discovered to contain an arbitrary file content replacement vulnerability via the component /admin/cmsTemplate/replace. • https://gitee.com/sanluan/PublicCMS/issues/IAAL70 •