VYPR
Vendor

Alfasado Inc.

Products
3
CVEs
3
Across products
4
Status
Private

Products

3

Recent CVEs

3
  • CVE-2022-33941CriSep 8, 2022
    risk 0.64cvss 9.8epss 0.02

    PowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability. Sending a specially crafted message by POST method to PowerCMS XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. Affected…

  • CVE-2023-50297MedDec 26, 2023
    risk 0.40cvss 6.1epss 0.00

    Open redirect vulnerability in PowerCMS (6 Series, 5 Series, and 4 Series) allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. Note that all versions of PowerCMS 3 Series and earlier which are unsupported (End-of-Life,…

  • CVE-2023-49117MedDec 26, 2023
    risk 0.35cvss 5.4epss 0.00

    PowerCMS (6 Series, 5 Series, and 4 Series) contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user's web browser. Note that all versions of PowerCMS 3 Series and earlier which are…