Doccms CVEs and Security Vulnerabilities

Filtered by vendor Doccms Subscriptions

Filtered by product Doccms Subscriptions

Switch to Advanced Search (Beta)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2019-16192	1 Doccms	1 Doccms	2024-11-21	9.8 Critical
upload_model() in /admini/controllers/system/managemodel.php in DocCms 2016.5.17 allow remote attackers to execute arbitrary PHP code through module management files, as demonstrated by a .php file in a ZIP archive.
CVE-2018-18835	1 Doccms	1 Doccms	2024-11-21	N/A
upload_template() in system/changeskin.php in DocCms 2016.5.12 allows remote attackers to execute arbitrary PHP code via a template file.

Page 1 of 1.