Vulnerabilities > Frog CMS Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-25 | CVE-2018-20448 | Cross-site Scripting vulnerability in Frog CMS Project Frog CMS 0.9.5 Frog CMS 0.9.5 has XSS via the Database name field to the /install/index.php URI. | 3.5 |
| 2018-09-03 | CVE-2018-16374 | Cross-site Scripting vulnerability in Frog CMS Project Frog CMS 0.9.5 Frog CMS 0.9.5 has stored XSS via /admin/?/plugin/comment/settings. | 3.5 |
| 2018-09-03 | CVE-2018-16373 | Unrestricted Upload of File with Dangerous Type vulnerability in Frog CMS Project Frog CMS 0.9.5 Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save. | 4.0 |
| 2018-05-15 | CVE-2018-11098 | Unrestricted Upload of File with Dangerous Type vulnerability in Frog CMS Project Frog CMS 0.9.5 An issue was discovered in Frog CMS 0.9.5. | 6.5 |
| 2018-04-11 | CVE-2018-9992 | Cross-site Scripting vulnerability in Frog CMS Project Frog CMS 0.9.5 Frog CMS 0.9.5 has XSS via the name field of a new "File" or "Directory" on the admin/?/plugin/file_manager/browse/ screen. | 3.5 |
| 2018-04-11 | CVE-2018-9991 | Cross-site Scripting vulnerability in Frog CMS Project Frog CMS 0.9.5 Frog CMS 0.9.5 has XSS via the /admin/?/user/add Name or Username parameter. | 3.5 |
| 2018-03-31 | CVE-2018-8908 | Cross-Site Request Forgery (CSRF) vulnerability in Frog CMS Project Frog CMS 0.9.5 An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5. | 6.8 |
| 2018-03-22 | CVE-2014-4912 | Unrestricted Upload of File with Dangerous Type vulnerability in Frog CMS Project Frog CMS 0.9.5 An Arbitrary File Upload issue was discovered in Frog CMS 0.9.5 due to lack of extension validation. | 7.5 |