Otcms : Security Vulnerabilities, CVEs, Published In 2018
OTCMS 3.61 allows remote attackers to execute arbitrary PHP code via the accBackupDir parameter.
Max CVSS
8.1
EPSS Score
0.67%
Published
2018-09-23
Updated
2018-11-08
An issue was discovered in OTCMS 3.61. XSS exists in admin/share_switch.php via these parameters: fieldName fieldName2 tabName.
Max CVSS
6.1
EPSS Score
0.09%
Published
2018-09-16
Updated
2018-11-07
An issue was discovered in OTCMS 3.61. XSS exists in admin/users.php via these parameters: dataTypeCN dataMode dataModeStr.
Max CVSS
6.1
EPSS Score
0.09%
Published
2018-09-16
Updated
2018-11-07
OTCMS 3.20 allows XSS by adding a keyword or link to an article, as demonstrated by an admin/keyWord_deal.php?mudi=add request.
Max CVSS
6.1
EPSS Score
0.08%
Published
2018-03-24
Updated
2018-04-18
4 vulnerabilities found