Shodan
Vulnerabilities
Vulnerable Software
Publiccms:  >> Publiccms  Security Vulnerabilities
CVE-2024-40543
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the component /admin/ueditor?action=catchimage.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-07-12
CVE-2024-40544
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the component /admin/#maintenance_sysTask/edit.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-07-12
CVE-2024-40545
An arbitrary file upload vulnerability in the component /admin/cmsWebFile/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-07-12
CVE-2024-40546
An arbitrary file upload vulnerability in the component /admin/cmsWebFile/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-07-12
CVE-2024-40547
PublicCMS v4.0.202302.e was discovered to contain an arbitrary file content replacement vulnerability via the component /admin/cmsTemplate/replace.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-07-12
CVE-2024-40548
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-07-12
CVE-2024-40549
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlace of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-07-12
CVE-2024-40550
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of Public CMS v.4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
CVSS Score
8.8
EPSS Score
0.006
Published
2024-07-12
CVE-2024-40551
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-07-12
CVE-2024-40552
PublicCMS v4.0.202302.e was discovered to contain a remote commande execution (RCE) vulnerability via the cmdarray parameter at /site/ScriptComponent.java.
CVSS Score
8.8
EPSS Score
0.005
Published
2024-07-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved