Ocproducts Composr vulnerabilities
2 known vulnerabilities affecting ocproducts/composr.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2021-30149P2CRITICALCVSS 9.8PoCv10.0.362021-04-06
CVE-2021-30149 [CRITICAL] CWE-434 CVE-2021-30149: Composr 10.0.36 allows upload and execution of PHP files.
Composr 10.0.36 allows upload and execution of PHP files.
nvd
CVE-2021-46360P2HIGHCVSS 8.8PoC≤ 10.0.392022-02-09
CVE-2021-46360 [HIGH] CWE-434 CVE-2021-46360: Authenticated remote code execution (RCE) in Composr-CMS 10.0.39 and earlier allows remote attackers
Authenticated remote code execution (RCE) in Composr-CMS 10.0.39 and earlier allows remote attackers to execute arbitrary code via uploading a PHP shell through /adminzone/index.php?page=admin-commandr.
nvd