ShaoGongBra
Products
3- 4 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-31368 | Hig | 0.51 | 7.8 | 0.00 | Apr 21, 2026 | AiAssistant is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability. | ||
| CVE-2024-53586 | Med | 0.38 | 5.3 | 0.02 | Feb 6, 2025 | An issue in the relPath parameter of WebFileSys version 2.31.0 allows attackers to perform directory traversal via a crafted HTTP request. By injecting traversal payloads into the parameter, attackers can manipulate file paths and gain unauthorized access to sensitive files,… | ||
| CVE-2022-28527 | 0.00 | — | 0.01 | Apr 26, 2022 | dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del. | |||
| CVE-2020-19275 | 0.00 | — | 0.01 | May 12, 2021 | An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid characters after the normal interface, which causes an error that will leak the physical path. | |||
| CVE-2020-19274 | 0.00 | — | 0.01 | May 12, 2021 | A Cross SIte Scripting (XSS) vulnerability exists in Dhcms 2017-09-18 in guestbook via the message board, which could let a remote malicious user execute arbitrary code. | |||
| CVE-2019-9550 | 0.00 | — | 0.01 | Mar 3, 2019 | DhCms through 2017-09-18 has admin.php?r=admin/Index/index XSS. |
- risk 0.51cvss 7.8epss 0.00
AiAssistant is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability.
- risk 0.38cvss 5.3epss 0.02
An issue in the relPath parameter of WebFileSys version 2.31.0 allows attackers to perform directory traversal via a crafted HTTP request. By injecting traversal payloads into the parameter, attackers can manipulate file paths and gain unauthorized access to sensitive files,…
- CVE-2022-28527Apr 26, 2022risk 0.00cvss —epss 0.01
dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del.
- CVE-2020-19275May 12, 2021risk 0.00cvss —epss 0.01
An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid characters after the normal interface, which causes an error that will leak the physical path.
- CVE-2020-19274May 12, 2021risk 0.00cvss —epss 0.01
A Cross SIte Scripting (XSS) vulnerability exists in Dhcms 2017-09-18 in guestbook via the message board, which could let a remote malicious user execute arbitrary code.
- CVE-2019-9550Mar 3, 2019risk 0.00cvss —epss 0.01
DhCms through 2017-09-18 has admin.php?r=admin/Index/index XSS.