ShaoGongBra/dhcms

Releases0

鼎华云CMS，快速搭建企业网站

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-28527 ↗	Apr 26, 2022Tuesday, 26 April 2022, 21:15	8.1 HIGH	5.5 MEDIUM
dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del.
CVE-2020-19275 ↗	May 12, 2021Wednesday, 12 May 2021, 18:15	5.3 MEDIUM	5 MEDIUM
An Information Disclosure vulnerability exists in dhcms 2017-09-18 when entering invalid characters after the normal interface, which causes an error that will leak the physical path.
CVE-2020-19274 ↗	May 12, 2021Wednesday, 12 May 2021, 17:15	6.1 MEDIUM	4.3 MEDIUM
A Cross SIte Scripting (XSS) vulnerability exists in Dhcms 2017-09-18 in guestbook via the message board, which could let a remote malicious user execute arbitrary code.
CVE-2019-9550 ↗	Mar 3, 2019Sunday, 3 March 2019, 19:29	—	3.5 LOW
DhCms through 2017-09-18 has admin.php?r=admin/Index/index XSS.