cbcvebase.

Tpadmin Project Tpadmin vulnerabilities

3 known vulnerabilities affecting tpadmin_project/tpadmin.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2026-2113P2CRITICALCVSS 9.8≤ 1.3.122026-02-07
CVE-2026-2113 [CRITICAL] CWE-20 CVE-2026-2113: A security vulnerability has been detected in yuan1994 tpadmin up to 1.3.12. This affects an unknown A security vulnerability has been detected in yuan1994 tpadmin up to 1.3.12. This affects an unknown part in the library /public/static/admin/lib/webuploader/0.1.5/server/preview.php of the component WebUploader. The manipulation leads to deserialization. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and m
nvd
CVE-2023-1970P3HIGHCVSS 7.2v1.3.122023-04-10
CVE-2023-1970 [HIGH] CWE-434 CVE-2023-1970: ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been found ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been found in yuan1994 tpAdmin 1.3.12. This issue affects the function Upload of the file application\admin\controller\Upload.php. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclos
nvd
CVE-2023-1971P4MEDIUMCVSS 4.9v1.3.122023-04-10
CVE-2023-1971 [MEDIUM] CWE-918 CVE-2023-1971: ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in yuan ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in yuan1994 tpAdmin 1.3.12. Affected is the function remote of the file application\admin\controller\Upload.php. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been discl
nvd
Tpadmin Project Tpadmin vulnerabilities | cvebase