← Back

Tp5cms

tp5cms

Vendor: Tp5cms Project • 5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-31280
1Tp5cms Project
1Tp5cms
Jan 3, 2025
Jun 14, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the keywords parameter.
CVE-2018-19693
1Tp5cms Project
1Tp5cms
Nov 21, 2024
Nov 29, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the title parameter.
CVE-2018-19692
1Tp5cms Project
1Tp5cms
Nov 21, 2024
Nov 29, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered in tp5cms through 2017-05-25. admin.php/upload/picture.html allows remote attackers to execute arbitrary PHP code by uploading a .php file with the image/jpeg content type.
CVE-2018-15568
1Tp5cms Project
1Tp5cms
Nov 21, 2024
Aug 20, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
tp5cms through 2017-05-25 has CSRF via admin.php/category/delete.html.
CVE-2018-15566
1Tp5cms Project
1Tp5cms
Nov 21, 2024
Aug 20, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
tp5cms through 2017-05-25 has XSS via the admin.php/article/index.html q parameter.