Vulnerabilities > Finecms

DATE	CVE	VULNERABILITY TITLE	RISK
2017-07-24	CVE-2017-11582	SQL Injection vulnerability in Finecms 1.9.5/5.0.9 dayrui FineCms 5.0.9 has SQL Injection via the num parameter in an action=related or action=tags request to libraries/Template.php. network low complexity finecms CWE-89 critical	9.8
2017-07-24	CVE-2017-11581	Cross-site Scripting vulnerability in Finecms 5.0.9 dayrui FineCms 5.0.9 has Cross Site Scripting (XSS) in admin/Login.php via a payload in the username field that does not begin with a '<' character. network low complexity finecms CWE-79	6.1

Vulnerabilities > Finecms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Finecms"}]}