VYPR

appcms

by Source Trace

CVEs (6)

  • CVE-2020-36006MedJun 3, 2021
    risk 0.42cvss 6.5epss 0.01

    AppCMS 2.0.101 in /admin/info.php has an arbitrary file deletion vulnerability which allows attackers to delete arbitrary files on the site.

  • CVE-2020-36005MedJun 3, 2021
    risk 0.42cvss 6.5epss 0.01

    AppCMS 2.0.101 in /admin/app.php has an arbitrary file deletion vulnerability which allows attackers to delete arbitrary files on the site.

  • CVE-2020-36004MedJun 3, 2021
    risk 0.42cvss 6.5epss 0.01

    AppCMS 2.0.101 in /admin/download_frame.php has a SQL injection vulnerability which allows attackers to obtain sensitive database information.

  • CVE-2021-45380MedJan 23, 2022
    risk 0.40cvss 6.1epss 0.03

    AppCMS 2.0.101 has a XSS injection vulnerability in \templates\m\inc_head.php

  • CVE-2020-36007MedJun 3, 2021
    risk 0.40cvss 6.1epss 0.01

    AppCMS 2.0.101 in /admin/template/tpl_app.php has a cross site scripting attack vulnerability which allows the attacker to obtain sensitive information of other users.

  • CVE-2019-9595MedMar 6, 2019
    risk 0.40cvss 6.1epss 0.01

    AppCMS 2.0.101 allows XSS via the upload/callback.php params parameter.