VYPR

SDcms

by SDcms

CVEs (5)

  • CVE-2019-9651 | Critical | Mar 11, 2019
    risk 0.64 | CVSS 9.8 | EPSS 0.03

    An issue was discovered in SDCMS V1.7. In the \app\admin\controller\themecontroller.php file, the check_bad() function's filtering is not strict, resulting in PHP code execution. This occurs because some dangerous PHP functions (such as "eval") are blocked but others (such as…

  • CVE-2019-9652 | High | Mar 11, 2019
    risk 0.57 | CVSS 8.8 | EPSS 0.01

    There is a CSRF in SDCMS V1.7 via an m=admin&c=theme&a=edit request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the t2 parameter.

  • CVE-2018-19520 | High | Nov 25, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.03

    An issue was discovered in SDCMS 1.6 with PHP 5.x. app/admin/controller/themecontroller.php uses a check_bad function in an attempt to block certain PHP functions such as eval, but does not prevent use of preg_replace 'e' calls, allowing users to execute arbitrary code by…

  • CVE-2018-11004 | High | May 12, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.01

    An issue was discovered in SDcms v1.5. Cross-site request forgery (CSRF) vulnerability in /WWW//app/admin/controller/admincontroller.php allows remote attackers to add administrator accounts via m=admin&c=admin&a=add.

  • CVE-2018-19748 | High | Nov 29, 2018
    risk 0.49 | CVSS 7.5 | EPSS 0.02

    app/plug/attachment/controller/admincontroller.php in SDCMS 1.6 allows reading arbitrary files via a /?m=plug&c=admin&a=index&p=attachment&root= directory traversal. The value of the root parameter must be base64 encoded (note that base64 encoding, instead of URL encoding, is…