ReportizFlow
Filtered by vendor Douphp
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-30205 | 1 Douphp | 1 Douphp | 2024-11-21 | 4.8 Medium |
| A stored cross-site scripting (XSS) vulnerability in DouPHP v1.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the unique_id parameter in /admin/article.php. | ||||
| CVE-2024-7917 | 2 Douco, Douphp | 2 Douphp, Douphp | 2024-08-21 | 4.7 Medium |
| A vulnerability, which was classified as critical, has been found in DouPHP 1.7 Release 20220822. Affected by this issue is some unknown functionality of the file /admin/system.php of the component Favicon Handler. The manipulation of the argument site_favicon leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
Page 1 of 1.