📦 Powercms

This vulnerability allows remote attackers to execute arbitrary operating system commands on PowerCMS servers through the XMLRPC API. It affects PowerCMS versions 5.19 and earlier, 4.49 and earlier, 3...

A path traversal vulnerability in PowerCMS backup/restore feature allows product administrators to execute arbitrary code by restoring malicious backup files. This affects multiple PowerCMS versions a...

PowerCMS versions before 6.7.1, 5.3.1, and 4.6.1 allow unrestricted upload of dangerous files. If a product administrator accesses a malicious file uploaded by a product user, arbitrary script executi...

A stored cross-site scripting (XSS) vulnerability in PowerCMS allows attackers to inject malicious scripts that execute in users' browsers when viewing compromised content. This affects all PowerCMS u...