Gxlcms
by Gxlcms
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-20975 | Cri | 0.64 | 9.8 | 0.01 | Aug 12, 2021 | In \lib\admin\action\dataaction.class.php in Gxlcms v1.1, SQL Injection exists via the $filename parameter. | ||
| CVE-2018-18488 | Cri | 0.64 | 9.8 | 0.01 | Oct 18, 2018 | In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection exists via the ids[] parameter. | ||
| CVE-2018-14685 | Cri | 0.64 | 9.8 | 0.02 | Jul 28, 2018 | The add function in www/Lib/Lib/Action/Admin/TplAction.class.php in Gxlcms v1.1.4 allows remote attackers to read arbitrary files via a crafted index.php?s=Admin-Tpl-ADD-id request, related to Lib/Common/Admin/function.php. | ||
| CVE-2018-15177 | Hig | 0.57 | 8.8 | 0.01 | Aug 8, 2018 | In Gxlcms 2.0, a news/index.php?s=Admin-Admin-Insert CSRF attack can add an administrator account. | ||
| CVE-2018-18487 | Hig | 0.49 | 7.5 | 0.01 | Oct 18, 2018 | In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand() unsafely, resulting in predictable database backup file locations. | ||
| CVE-2017-14979 | Hig | 0.49 | 7.5 | 0.01 | Oct 3, 2017 | Gxlcms uses an unsafe character-replacement approach in an attempt to restrict access, which allows remote attackers to read arbitrary files via modified pathnames in the s parameter to index.php, related to Lib/Admin/Action/TplAction.class.php and Lib/Admin/Common/function.php. | ||
| CVE-2018-16436 | Hig | 0.47 | 7.2 | 0.01 | Sep 5, 2018 | Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator. | ||
| CVE-2018-16655 | Med | 0.40 | 6.1 | 0.01 | Sep 7, 2018 | Gxlcms 1.0 has XSS via the PATH_INFO to gx/lib/ThinkPHP/Tpl/ThinkException.tpl.php. | ||
| CVE-2018-16437 | Med | 0.32 | 4.9 | 0.02 | Sep 5, 2018 | Gxlcms 2.0 before bug fix 20180915 has Directory Traversal exploitable by an administrator. |
- risk 0.64cvss 9.8epss 0.01
In \lib\admin\action\dataaction.class.php in Gxlcms v1.1, SQL Injection exists via the $filename parameter.
- risk 0.64cvss 9.8epss 0.01
In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection exists via the ids[] parameter.
- risk 0.64cvss 9.8epss 0.02
The add function in www/Lib/Lib/Action/Admin/TplAction.class.php in Gxlcms v1.1.4 allows remote attackers to read arbitrary files via a crafted index.php?s=Admin-Tpl-ADD-id request, related to Lib/Common/Admin/function.php.
- risk 0.57cvss 8.8epss 0.01
In Gxlcms 2.0, a news/index.php?s=Admin-Admin-Insert CSRF attack can add an administrator account.
- risk 0.49cvss 7.5epss 0.01
In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand() unsafely, resulting in predictable database backup file locations.
- risk 0.49cvss 7.5epss 0.01
Gxlcms uses an unsafe character-replacement approach in an attempt to restrict access, which allows remote attackers to read arbitrary files via modified pathnames in the s parameter to index.php, related to Lib/Admin/Action/TplAction.class.php and Lib/Admin/Common/function.php.
- risk 0.47cvss 7.2epss 0.01
Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator.
- risk 0.40cvss 6.1epss 0.01
Gxlcms 1.0 has XSS via the PATH_INFO to gx/lib/ThinkPHP/Tpl/ThinkException.tpl.php.
- risk 0.32cvss 4.9epss 0.02
Gxlcms 2.0 before bug fix 20180915 has Directory Traversal exploitable by an administrator.