puppyCMS
by PuppyCMS
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-18888 | Hig | 0.49 | 7.5 | 0.01 | May 6, 2021 | Arbitrary File Deletion vulnerability in puppyCMS v5.1 allows remote malicious attackers to delete the file/folder via /admin/functions.php. | ||
| CVE-2020-18889 | Med | 0.42 | 6.5 | 0.01 | May 6, 2021 | Cross Site Request Forgery (CSRF) vulnerability in puppyCMS v5.1 that can change the admin's password via /admin/settings.php. | ||
| CVE-2022-3464 | Med | 0.28 | 4.3 | 0.01 | Oct 12, 2022 | A vulnerability classified as problematic has been found in puppyCMS up to 5.1. This affects an unknown part of the file /admin/settings.php. The manipulation of the argument site_name leads to cross site scripting. It is possible to initiate the attack remotely. The associated… |
- risk 0.49cvss 7.5epss 0.01
Arbitrary File Deletion vulnerability in puppyCMS v5.1 allows remote malicious attackers to delete the file/folder via /admin/functions.php.
- risk 0.42cvss 6.5epss 0.01
Cross Site Request Forgery (CSRF) vulnerability in puppyCMS v5.1 that can change the admin's password via /admin/settings.php.
- risk 0.28cvss 4.3epss 0.01
A vulnerability classified as problematic has been found in puppyCMS up to 5.1. This affects an unknown part of the file /admin/settings.php. The manipulation of the argument site_name leads to cross site scripting. It is possible to initiate the attack remotely. The associated…