Show filters
7 Total Results
Displaying 1-7 of 7
Sort by:
Attacker Value
Unknown
CVE-2020-18404
Disclosure Date: June 27, 2023 (last updated February 25, 2025)
An issue was discovered in espcms version P8.18101601. There is a cross site scripting (XSS) vulnerability that allows arbitrary code to be executed via the title parameter.
0
Attacker Value
Unknown
CVE-2023-23007
Disclosure Date: February 17, 2023 (last updated February 24, 2025)
An issue was discovered in ESPCMS P8.21120101 after logging in to the background, there is a SQL injection vulnerability in the function node where members are added.
0
Attacker Value
Unknown
CVE-2022-44088
Disclosure Date: November 10, 2022 (last updated December 22, 2024)
ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component INPUT_ISDESCRIPTION.
0
Attacker Value
Unknown
CVE-2022-44089
Disclosure Date: November 10, 2022 (last updated December 22, 2024)
ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component IS_GETCACHE.
0
Attacker Value
Unknown
CVE-2022-44087
Disclosure Date: November 10, 2022 (last updated December 22, 2024)
ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component UPFILE_PIC_ZOOM_HIGHT.
0
Attacker Value
Unknown
CVE-2022-33085
Disclosure Date: June 30, 2022 (last updated October 07, 2023)
ESPCMS P8 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the fetch_filename function at \espcms_public\espcms_templates\ESPCMS_Templates.
0
Attacker Value
Unknown
CVE-2020-18913
Disclosure Date: August 24, 2021 (last updated February 23, 2025)
EARCLINK ESPCMS-P8 was discovered to contain a SQL injection vulnerability in the espcms_web/Search.php component via the attr_array parameter. This vulnerability allows attackers to access sensitive database information.
0
