VYPR
Vendor

DocCms

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2019-16192CriSep 9, 2019
    risk 0.64cvss 9.8epss 0.02

    upload_model() in /admini/controllers/system/managemodel.php in DocCms 2016.5.17 allow remote attackers to execute arbitrary PHP code through module management files, as demonstrated by a .php file in a ZIP archive.

  • CVE-2018-18835CriOct 30, 2018
    risk 0.64cvss 9.8epss 0.02

    upload_template() in system/changeskin.php in DocCms 2016.5.12 allows remote attackers to execute arbitrary PHP code via a template file.