VYPR

Pluxml

by Pluxml

Source repositories

CVEs (25)

  • CVE-2021-38602Aug 12, 2021
    risk 0.00cvss epss 0.01

    PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content.

  • CVE-2020-18185Oct 2, 2020
    risk 0.00cvss epss 0.02

    class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modify the configuration file in a linux environment.

  • CVE-2020-18184Oct 2, 2020
    risk 0.00cvss epss 0.01

    In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.

  • CVE-2012-4675Aug 26, 2012
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in PluXml 5.1.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to file update.

  • CVE-2012-4674Aug 26, 2012
    risk 0.00cvss epss 0.01

    PluXml before 5.1.6 allows remote attackers to obtain the installation path via the PHPSESSID.

Page 2 of 2