RGCMS
by RGCMS
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-21481 | Hig | 0.47 | 7.2 | 0.02 | Sep 15, 2021 | An arbitrary file upload vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted .txt file which is later changed to a PHP file. | ||
| CVE-2020-21480 | Hig | 0.47 | 7.2 | 0.02 | Sep 15, 2021 | An arbitrary file write vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted PHP file. | ||
| CVE-2020-21482 | Med | 0.35 | 5.4 | 0.01 | Sep 15, 2021 | A cross-site scripting (XSS) vulnerability in RGCMS v1.06 allows attackers to obtain the administrator's cookie via a crafted payload in the Name field under the Message Board module |
- risk 0.47cvss 7.2epss 0.02
An arbitrary file upload vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted .txt file which is later changed to a PHP file.
- risk 0.47cvss 7.2epss 0.02
An arbitrary file write vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted PHP file.
- risk 0.35cvss 5.4epss 0.01
A cross-site scripting (XSS) vulnerability in RGCMS v1.06 allows attackers to obtain the administrator's cookie via a crafted payload in the Name field under the Message Board module