Dswjcms Project

dswjcms_project

4 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-19268 1Dswjcms Project 1Dswjcms Jun 17, 2026 Sep 9, 2021 N/A· v4 5.7 MEDIUM· v3 3.5 LOW· v2 A cross-site request forgery (CSRF) in index.php/Dswjcms/User/tfAdd of Dswjcms 1.6.4 allows authenticated attackers to arbitrarily add administrator users.
CVE-2020-19267 1Dswjcms Project 1Dswjcms Jun 17, 2026 Sep 9, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue in index.php/Dswjcms/Basis/resources of Dswjcms 1.6.4 allows attackers to execute arbitrary code via uploading a crafted PHP file.
CVE-2020-19266 1Dswjcms Project 1Dswjcms Jun 17, 2026 Sep 9, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Site/articleList component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML.
CVE-2020-19265 1Dswjcms Project 1Dswjcms Jun 17, 2026 Sep 9, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Basis/links component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML.