VYPR

puppyCMS

by choregus

CVEs (3)

  • CVE-2020-18890CriMay 6, 2021
    risk 0.64cvss 9.8epss 0.02

    Rmote Code Execution (RCE) vulnerability in puppyCMS v5.1 due to insecure permissions, which could let a remote malicious user getshell via /admin/functions.php.

  • CVE-2020-18889MedMay 6, 2021
    risk 0.42cvss 6.5epss 0.01

    Cross Site Request Forgery (CSRF) vulnerability in puppyCMS v5.1 that can change the admin's password via /admin/settings.php.

  • CVE-2018-15847MedAug 25, 2018
    risk 0.40cvss 6.1epss 0.01

    An issue was discovered in puppyCMS 5.1. There is an XSS vulnerability via menu.php in the "Add Page/URL" URL link field.