VYPR
Vendor

Zeta Producer Desktop CMS

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2018-13981CriJul 16, 2018
    risk 0.68cvss 9.8epss 0.17

    The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated remote code execution due to a default component that permits arbitrary upload of PHP files, because the formmailer widget blocks .php files but not .php5 or .phtml files.…

  • CVE-2018-13980MedJul 16, 2018
    risk 0.39cvss 5.5epss 0.07

    The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated file disclosure if the plugin "filebrowser" is installed, because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal.