Tp5cms Project

tp5cms_project

5 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-31280 1Tp5cms Project 1Tp5cms Jan 3, 2025 Jun 14, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the keywords parameter.
CVE-2018-19693 1Tp5cms Project 1Tp5cms Nov 21, 2024 Nov 29, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the title parameter.
CVE-2018-19692 1Tp5cms Project 1Tp5cms Nov 21, 2024 Nov 29, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in tp5cms through 2017-05-25. admin.php/upload/picture.html allows remote attackers to execute arbitrary PHP code by uploading a .php file with the image/jpeg content type.
CVE-2018-15568 1Tp5cms Project 1Tp5cms Nov 21, 2024 Aug 20, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 tp5cms through 2017-05-25 has CSRF via admin.php/category/delete.html.
CVE-2018-15566 1Tp5cms Project 1Tp5cms Nov 21, 2024 Aug 20, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 tp5cms through 2017-05-25 has XSS via the admin.php/article/index.html q parameter.