Search CVE reports
1 – 10 of 12 results
CVE-2024-48138
Medium priorityA remote code execution (RCE) vulnerability in the component /PluXml/core/admin/parametres_edittpl.php of PluXml v5.8.16 and lower allows attackers to execute arbitrary code via injecting a crafted payload into a template.
1 affected packages
pluxml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pluxml | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-22636
High priorityPluXml Blog v5.8.9 was discovered to contain a remote code execution (RCE) vulnerability in the Static Pages feature. This vulnerability is exploited via injecting a crafted payload into the Content field.
1 affected packages
pluxml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pluxml | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-25020
Medium priorityA cross-site scripting (XSS) vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post.
1 affected packages
pluxml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pluxml | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-25018
Medium priorityPluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages.
1 affected packages
pluxml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pluxml | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-24587
Medium priorityA stored cross-site scripting (XSS) vulnerability in the component core/admin/medias.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML.
1 affected packages
pluxml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pluxml | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-24585
Medium priorityA stored cross-site scripting (XSS) vulnerability in the component /core/admin/comment.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the author parameter.
1 affected packages
pluxml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pluxml | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-24586
Medium priorityA stored cross-site scripting (XSS) vulnerability in the component /core/admin/categories.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content and thumbnail parameters.
1 affected packages
pluxml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pluxml | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-38603
Low priorityPluXML 5.8.7 allows core/admin/profil.php stored XSS via the Information field.
1 affected packages
pluxml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pluxml | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-38602
Low priorityPluXML 5.8.7 allows Article Editing stored XSS via Headline or Content.
1 affected packages
pluxml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pluxml | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2020-18185
Medium priorityclass.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modify the configuration file in a linux environment.
1 affected packages
pluxml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pluxml | Not in release | Vulnerable | Vulnerable | Vulnerable | Needs evaluation |