Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 12 results


CVE-2024-48138

Medium priority
Needs evaluation

A remote code execution (RCE) vulnerability in the component /PluXml/core/admin/parametres_edittpl.php of PluXml v5.8.16 and lower allows attackers to execute arbitrary code via injecting a crafted payload into a template.

1 affected packages

pluxml

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pluxml Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-22636

High priority
Needs evaluation

PluXml Blog v5.8.9 was discovered to contain a remote code execution (RCE) vulnerability in the Static Pages feature. This vulnerability is exploited via injecting a crafted payload into the Content field.

1 affected packages

pluxml

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pluxml Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-25020

Medium priority
Needs evaluation

A cross-site scripting (XSS) vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post.

1 affected packages

pluxml

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pluxml Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-25018

Medium priority
Needs evaluation

Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages.

1 affected packages

pluxml

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pluxml Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-24587

Medium priority
Needs evaluation

A stored cross-site scripting (XSS) vulnerability in the component core/admin/medias.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML.

1 affected packages

pluxml

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pluxml Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-24585

Medium priority
Needs evaluation

A stored cross-site scripting (XSS) vulnerability in the component /core/admin/comment.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the author parameter.

1 affected packages

pluxml

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pluxml Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-24586

Medium priority
Needs evaluation

A stored cross-site scripting (XSS) vulnerability in the component /core/admin/categories.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content and thumbnail parameters.

1 affected packages

pluxml

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pluxml Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-38603

Low priority
Needs evaluation

PluXML 5.8.7 allows core/admin/profil.php stored XSS via the Information field.

1 affected packages

pluxml

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pluxml Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-38602

Low priority
Needs evaluation

PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content.

1 affected packages

pluxml

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pluxml Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-18185

Medium priority
Vulnerable

class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modify the configuration file in a linux environment.

1 affected packages

pluxml

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pluxml Not in release Vulnerable Vulnerable Vulnerable Needs evaluation
Show less packages