portfoliocms_project CVE Vulnerabilities & CVE List (6)

Products (CPE): — CVEs: 6

portfoliocms_project vulnerability overview

Aggregates CVE and security vulnerability intelligence across all portfoliocms_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Disclosed issues often relate to vendor risk csrf and vendor risk sql injection; exposure may include vendor impact data exposure in vendor surface software deployment and vendor surface production workloads contexts.

Vulnerability distribution trend (last 24 months)

Showing 16 of 6 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2021-36532 Race condition vulnerability discovered in portfolioCMS 1.0 allows remote attackers to run arbitrary code via fileExt parameter to localhost/admin/uploads.php. [email protected] 8.1 0.65% 2023-02-03 2025-03-26
CVE-2020-20402 Westbrookadmin portfolioCMS v1.05 allows attackers to bypass password validation and access sensitive information via session fixation. [email protected] 7.5 0.30% 2023-01-31 2025-03-27
CVE-2018-15849 An issue was discovered in portfolioCMS 1.0.5. There is CSRF to update the website settings via admin/aboutus.php. [email protected] 4.3 0.05% 2018-08-25 2024-11-21
CVE-2018-15848 An issue was discovered in portfolioCMS 1.0.5. There is CSRF to create new pages via admin/portfolio.php?newpage=true. [email protected] 8.8 0.07% 2018-08-25 2024-11-21
CVE-2018-12263 portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI. [email protected] 8.8 0.40% 2018-06-13 2024-11-21
CVE-2018-12110 portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter. [email protected] 7.2 0.25% 2018-06-11 2024-11-21
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence