0.9.5

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-29	CVE-2020-25872	Path Traversal vulnerability in Frogcms Project Frogcms 0.9.5 A vulnerability exists within the FileManagerController.php function in FrogCMS 0.9.5 which allows an attacker to perform a directory traversal attack via a GET request urlencode parameter. network low complexity frogcms-project CWE-22	4.0
2021-09-23	CVE-2021-26794	Unrestricted Upload of File with Dangerous Type vulnerability in Frogcms Project Frogcms 0.9.5 Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file. network low complexity frogcms-project CWE-434	7.5
2018-12-31	CVE-2018-19844	Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue to CVE-2018-10319. network frogcms-project CWE-79	3.5
2018-09-04	CVE-2018-16447	Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF. network frogcms-project CWE-352	6.8
2018-05-08	CVE-2018-10806	Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 An issue was discovered in Frog CMS 0.9.5. network frogcms-project CWE-352	3.5
2018-04-30	CVE-2018-10570	Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has XSS in /install/index.php via the ['config']['admin_username'] field. network frogcms-project CWE-79	3.5
2018-04-24	CVE-2018-10321	Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has a stored Cross Site Scripting Vulnerability via "Admin Site title" in Settings. network frogcms-project CWE-79	3.5
2018-04-24	CVE-2018-10320	Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layout[name] parameter, aka Edit Layout. network frogcms-project CWE-79	3.5
2018-04-24	CVE-2018-10319	Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit snippet[name] parameter, aka Edit Snippet. network frogcms-project CWE-79	3.5
2018-04-24	CVE-2018-10318	Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has XSS via the admin/?/page/edit page[keywords] parameter, aka Edit Page Metadata. network frogcms-project CWE-79	3.5