Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:phpems:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Phpems (3cd7243a-5649-52e9-a535-761c71f84350) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-1353 |
vulnerable | 2026-06-08 06:25:39.878192 |
PHPEMS index.api.php index deserialization
MEDIUM (6.3)
A vulnerability, which was classified as critical, has been found in PHPEMS up to 1.0. Affected by this issue is the function index of the file app/weixin/controller/index.api.php. The manipulation of the argument picurl leads to deserialization. The exploit has been disclosed to the public and may be used. VDB-253226 is the identifier assigned to this vulnerability.
Published: 2024-02-09T00:31:06.389Z
Updated: 2025-05-08T18:27:24.611Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-6654 |
vulnerable | 2026-06-08 06:21:55.220059 |
PHPEMS Session Data session.cls.php deserialization
MEDIUM (6.3)
A vulnerability classified as critical was found in PHPEMS 6.x/7.x/8.x/9.0. Affected by this vulnerability is an unknown functionality in the library lib/session.cls.php of the component Session Data Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-247357 was assigned to this vulnerability.
Published: 2023-12-10T15:00:05.030Z
Updated: 2024-08-28T15:18:27.567Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-6472 |
vulnerable | 2026-06-08 06:19:47.443021 |
PHPEMS Content Section api.cls.php cross site scripting
LOW (2.4)
A vulnerability, which was classified as problematic, has been found in PHPEMS 7.0. This issue affects some unknown processing of the file app\content\cls\api.cls.php of the component Content Section Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-246629 was assigned to this vulnerability.
Published: 2023-12-02T18:31:03.772Z
Updated: 2024-08-02T08:28:21.802Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.