Vulnerabilities > Finecms Project > Finecms > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-13 | CVE-2017-11200 | SQL Injection vulnerability in Finecms Project Finecms SQL Injection exists in FineCMS through 2017-07-12 via the application/core/controller/excludes.php visitor_ip parameter. | 8.8 |
| 2017-07-12 | CVE-2017-11178 | Insufficient Verification of Data Authenticity vulnerability in Finecms Project Finecms In FineCMS through 2017-07-11, application/core/controller/style.php allows remote attackers to write to arbitrary files via the contents and filename parameters in a route=style action. | 7.5 |