VYPR

PowerCMS XMLRPC API

by Alfasado Inc.

CVEs (1)

  • CVE-2022-33941CriSep 8, 2022
    risk 0.64cvss 9.8epss 0.02

    PowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability. Sending a specially crafted message by POST method to PowerCMS XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. Affected…