ReportizFlow
Filtered by vendor Pluxml
Subscriptions
Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-38603 | 1 Pluxml | 1 Pluxml | 2024-11-21 | 4.8 Medium |
| PluXML 5.8.7 allows core/admin/profil.php stored XSS via the Information field. | ||||
| CVE-2021-38602 | 1 Pluxml | 1 Pluxml | 2024-11-21 | 4.8 Medium |
| PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content. | ||||
| CVE-2020-18185 | 1 Pluxml | 1 Pluxml | 2024-11-21 | 9.8 Critical |
| class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modify the configuration file in a linux environment. | ||||
| CVE-2024-48138 | 1 Pluxml | 1 Pluxml | 2024-11-01 | 9.8 Critical |
| A remote code execution (RCE) vulnerability in the component /PluXml/core/admin/parametres_edittpl.php of PluXml v5.8.16 and lower allows attackers to execute arbitrary code via injecting a crafted payload into a template. | ||||