← Back

Dswjcms

dswjcms

Vendor: Dswjcms Project • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-19268
1Dswjcms Project
1Dswjcms
Jun 17, 2026
Sep 9, 2021
N/A· v4
5.7 MEDIUM· v3
3.5 LOW· v2
A cross-site request forgery (CSRF) in index.php/Dswjcms/User/tfAdd of Dswjcms 1.6.4 allows authenticated attackers to arbitrarily add administrator users.
CVE-2020-19267
1Dswjcms Project
1Dswjcms
Jun 17, 2026
Sep 9, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue in index.php/Dswjcms/Basis/resources of Dswjcms 1.6.4 allows attackers to execute arbitrary code via uploading a crafted PHP file.
CVE-2020-19266
1Dswjcms Project
1Dswjcms
Jun 17, 2026
Sep 9, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Site/articleList component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML.
CVE-2020-19265
1Dswjcms Project
1Dswjcms
Jun 17, 2026
Sep 9, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Basis/links component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML.