Every CVE whose affected-product data names Alfasado Powercms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2022-33941 — CVSS 9.8 (critical): PowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability. Sending a specially crafted message by POST…
CVE-2021-20850 — CVSS 9.8 (critical): PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49 and earlier, PowerCMS 3.295 and earlier, and PowerCMS 2 Series…
CVE-2025-46359 — CVSS 7.2 (high): A path traversal issue exists in backup and restore feature of multiple versions of PowerCMS. A product administrator may execute arbitrary…
CVE-2025-54752 — CVSS 6.5 (medium): Multiple versions of PowerCMS improperly neutralize formula elements in a CSV file. If a product user creates a malformed entry and a…
CVE-2025-54757 — CVSS 6.5 (medium): Multiple versions of PowerCMS allow unrestricted upload of dangerous files. If a product administrator accesses a malicious file uploaded…
CVE-2025-36563 — CVSS 6.1 (medium): Reflected cross-site scripting vulnerability exists in multiple versions of PowerCMS. If a product administrator accesses a crafted URL, an…
CVE-2023-50297 — CVSS 6.1 (medium): Open redirect vulnerability in PowerCMS (6 Series, 5 Series, and 4 Series) allows a remote unauthenticated attacker to redirect users to…
CVE-2019-6020 — CVSS 6.1 (medium): Open redirect vulnerability in PowerCMS 5.12 and earlier (PowerCMS 5.x), 4.42 and earlier (PowerCMS 4.x), and 3.293 and earlier (PowerCMS…
CVE-2025-41396 — CVSS 5.4 (medium): A path traversal issue exists in file uploading feature of multiple versions of PowerCMS. Arbitrary files may be overwritten by a product…
CVE-2025-41391 — CVSS 5.4 (medium): Stored cross-site scripting vulnerability exists in multiple versions of PowerCMS. If a product user accesses a malicious page, an…
CVE-2023-49117 — CVSS 5.4 (medium): PowerCMS (6 Series, 5 Series, and 4 Series) contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an…