CVE-2019-13237

EPSS 4.14% · P89 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-13237

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

In Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple resources vulnerable to Local File Inclusion that allow an attacker to access server resources: clearhistory.jsp, convertxml.jsp, group_new.jsp, loginmessage.jsp, xmlcontentrepair.jsp, and /system/workplace/admin/history/settings/index.jsp.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Alkacon OpenCms 路径遍历漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Alkacon OpenCms是一套使用Java语言开发的开源内容管理系统（CMS）。 Alkacon OpenCms 10.5.4版本和10.5.5版本中存在路径遍历漏洞。攻击者可利用该漏洞访问服务器资源。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2019-13237

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2019-13237

请登录查看更多情报信息。

Packet Stormx_refsource_MISC
https://aetsu.github.io/OpenCmsx_refsource_MISC
https://github.com/alkacon/opencms-core/commits/branch_10_5_xx_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2019-13237

Same Patch Batch · n/a · 2019-08-27 · 62 CVEs total

CVE-2019-13486		xymon 缓冲区错误漏洞
CVE-2019-13266		TP-Link Archer C3200和Archer C2 输入验证错误漏洞
CVE-2019-13263		D-Link DIR-825AC G1 输入验证错误漏洞
CVE-2019-13264		D-Link DIR-825AC G1 访问控制错误漏洞
CVE-2019-13265		D-Link DIR-825AC G1 访问控制错误漏洞
CVE-2019-13451		xymon 缓冲区错误漏洞
CVE-2019-13452		xymon 缓冲区错误漏洞
CVE-2019-13455		xymon 缓冲区错误漏洞
CVE-2019-13484		xymon 缓冲区错误漏洞
CVE-2019-13485		xymon 缓冲区错误漏洞
CVE-2019-13274		xymon 跨站脚本漏洞
CVE-2019-14314		WordPress Imagely NextGEN Gallery插件SQL注入漏洞
CVE-2019-11457		MicroPyramid Django CRM 跨站请求伪造漏洞
CVE-2019-15650		WordPress stops-core-theme-and-plugin-updates插件权限许可和访问控制问题漏洞
CVE-2015-9348		WordPress sell-downloads插件输入验证错误漏洞
CVE-2017-18592		WordPress woocommerce-catalog-enquiry插件代码问题漏洞
CVE-2015-9352		WordPress wp-polls插件SQL注入漏洞
CVE-2019-15660		WordPress wp-members插件跨站请求伪造漏洞
CVE-2016-10936		WordPress wp-polls插件跨站脚本漏洞
CVE-2017-18591		WordPress gd-rating-system插件跨站脚本漏洞

Showing top 20 of 62 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2019-13237

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2019-13237

I. Basic Information for CVE-2019-13237

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2019-13237

III. Intelligence Information for CVE-2019-13237

Same Patch Batch · n/a · 2019-08-27 · 62 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2019-13237

Leave a comment