Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown
CVE-2021-36532
Disclosure Date: February 03, 2023 (last updated October 08, 2023)
Race condition vulnerability discovered in portfolioCMS 1.0 allows remote attackers to run arbitrary code via fileExt parameter to localhost/admin/uploads.php.
0
Attacker Value
Unknown
CVE-2020-20402
Disclosure Date: January 31, 2023 (last updated October 08, 2023)
Westbrookadmin portfolioCMS v1.05 allows attackers to bypass password validation and access sensitive information via session fixation.
0
Attacker Value
Unknown
CVE-2018-15849
Disclosure Date: August 25, 2018 (last updated November 27, 2024)
An issue was discovered in portfolioCMS 1.0.5. There is CSRF to update the website settings via admin/aboutus.php.
0
Attacker Value
Unknown
CVE-2018-15848
Disclosure Date: August 25, 2018 (last updated November 27, 2024)
An issue was discovered in portfolioCMS 1.0.5. There is CSRF to create new pages via admin/portfolio.php?newpage=true.
0
Attacker Value
Unknown
CVE-2018-12263
Disclosure Date: June 13, 2018 (last updated November 26, 2024)
portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI.
0
Attacker Value
Unknown
CVE-2018-12110
Disclosure Date: June 11, 2018 (last updated November 26, 2024)
portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter.
0