Vulnerabilities > Flamecms Project

DATE CVE VULNERABILITY TITLE RISK
2021-09-30 CVE-2020-20796 SQL Injection vulnerability in Flamecms Project Flamecms 3.3.5
FlameCMS 3.3.5 contains a SQL injection vulnerability in /master/article.php via the "Id" parameter.
network
low complexity
flamecms-project CWE-89
critical
9.8
2021-09-30 CVE-2020-20797 SQL Injection vulnerability in Flamecms Project Flamecms 3.3.5
FlameCMS 3.3.5 contains a time-based blind SQL injection vulnerability in /account/register.php.
network
low complexity
flamecms-project CWE-89
critical
9.8
2019-09-14 CVE-2019-16309 SQL Injection vulnerability in Flamecms Project Flamecms 3.3.5
FlameCMS 3.3.5 has SQL injection in account/login.php via accountName.
network
low complexity
flamecms-project CWE-89
critical
9.8