Vulnerabilities > Frogcms Project > Frogcms > 0.9.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-29 | CVE-2020-25872 | Path Traversal vulnerability in Frogcms Project Frogcms 0.9.5 A vulnerability exists within the FileManagerController.php function in FrogCMS 0.9.5 which allows an attacker to perform a directory traversal attack via a GET request urlencode parameter. | 4.0 |
2021-09-23 | CVE-2021-26794 | Unrestricted Upload of File with Dangerous Type vulnerability in Frogcms Project Frogcms 0.9.5 Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file. | 7.5 |
2018-12-31 | CVE-2018-19844 | Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue to CVE-2018-10319. | 3.5 |
2018-09-04 | CVE-2018-16447 | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF. | 6.8 |
2018-05-08 | CVE-2018-10806 | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 An issue was discovered in Frog CMS 0.9.5. | 3.5 |
2018-04-30 | CVE-2018-10570 | Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has XSS in /install/index.php via the ['config']['admin_username'] field. | 3.5 |
2018-04-24 | CVE-2018-10321 | Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has a stored Cross Site Scripting Vulnerability via "Admin Site title" in Settings. | 3.5 |
2018-04-24 | CVE-2018-10320 | Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layout[name] parameter, aka Edit Layout. | 3.5 |
2018-04-24 | CVE-2018-10319 | Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit snippet[name] parameter, aka Edit Snippet. | 3.5 |
2018-04-24 | CVE-2018-10318 | Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has XSS via the admin/?/page/edit page[keywords] parameter, aka Edit Page Metadata. | 3.5 |