Pluxml
by Pluxml
Source repositories
CVEs (25)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-38602 | 0.00 | — | 0.01 | Aug 12, 2021 | PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content. | |||
| CVE-2020-18185 | 0.00 | — | 0.02 | Oct 2, 2020 | class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modify the configuration file in a linux environment. | |||
| CVE-2020-18184 | 0.00 | — | 0.01 | Oct 2, 2020 | In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template. | |||
| CVE-2012-4675 | 0.00 | — | 0.01 | Aug 26, 2012 | Cross-site scripting (XSS) vulnerability in PluXml 5.1.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to file update. | |||
| CVE-2012-4674 | 0.00 | — | 0.01 | Aug 26, 2012 | PluXml before 5.1.6 allows remote attackers to obtain the installation path via the PHPSESSID. |
- CVE-2021-38602Aug 12, 2021risk 0.00cvss —epss 0.01
PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content.
- CVE-2020-18185Oct 2, 2020risk 0.00cvss —epss 0.02
class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modify the configuration file in a linux environment.
- CVE-2020-18184Oct 2, 2020risk 0.00cvss —epss 0.01
In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.
- CVE-2012-4675Aug 26, 2012risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in PluXml 5.1.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to file update.
- CVE-2012-4674Aug 26, 2012risk 0.00cvss —epss 0.01
PluXml before 5.1.6 allows remote attackers to obtain the installation path via the PHPSESSID.
Page 2 of 2